Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

aaa new-model

Hi,

If i define aaa new-model (i.e. to use local username/password) and password under vty configuration, which one would be applicable while doing ssh into the router/switch.

Thanks.

3 REPLIES

Re: aaa new-model

Hi

It goes under vty, you just need to allow the transport

Line vty 0 4

Transport input ssh telnet

Then create the user under global conf

Username blah password blah

New Member

Re: aaa new-model

Hi,

Does it mean if username is defined, ssh/telnet would not refer to password under vty.

Re: aaa new-model

It depends on that you have set the aaa authentication to look at. If you use the command :-

aaa authentication login default line

then it will look at the line password (username can be anything), but the default will want a username and password and will not use the password under the vty details.

With the command:-

aaa authentication login default local line

It will try the line password first (username can be anything) if that fails it tries to match a username and password in the local database.

1042
Views
5
Helpful
3
Replies