Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Device Passwords. Using SSH, Console, VTY, and AAA

I know that without using SSH, and strictly using telnet, console, I can set a password for both my VTY lines and the console separately.

When I enable AAA for local SSH username and passwords, it asks me for a username and password even when I only connect using the console, when before enabling AAA, connecting to the console would just ask me for the password, and not a username and password.

Is this normal?

Does enabling AAA username and passwords take precedence over all authentication on all ports?

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Silver

Re: Device Passwords. Using SSH, Console, VTY, and AAA

Nelson

Yes this is normal. And yes enabling aaa new-model does take precedence over all authentication on all ports.

If you still want to login on the console and just use the console password it is possible to configure the router to do this (though frankly AAA is usually more secure and is preferred). If you want the console to authenticate with the line password the config might look something like this:

aaa authentication login cons_auth line

line con 0

login authentication cons_auth

HTH

Rick

3 REPLIES
Hall of Fame Super Silver

Re: Device Passwords. Using SSH, Console, VTY, and AAA

Nelson

Yes this is normal. And yes enabling aaa new-model does take precedence over all authentication on all ports.

If you still want to login on the console and just use the console password it is possible to configure the router to do this (though frankly AAA is usually more secure and is preferred). If you want the console to authenticate with the line password the config might look something like this:

aaa authentication login cons_auth line

line con 0

login authentication cons_auth

HTH

Rick

New Member

Re: Device Passwords. Using SSH, Console, VTY, and AAA

Thanks so much, Rick. Helps a lot.

Hall of Fame Super Silver

Re: Device Passwords. Using SSH, Console, VTY, and AAA

Nelson

I am glad that my response was helpful. Thank you for using the rating system to indicate that your question was resolved (and thanks for the rating). It makes the forum more useful when people can read a question and can know that there was a response which did lead to a solution.

HTH

Rick

272
Views
0
Helpful
3
Replies
CreatePlease login to create content