[c-nsp] aaa different for console logins? - Jon Lewis - net.nether.puck.cisco-nsp

10 messages in net.nether.puck.cisco-nsp[c-nsp] aaa different for console log...

From	Sent On	Attachments
Jon Lewis	Jan 11, 2005 2:17 pm
Jon Lewis	Jan 11, 2005 3:08 pm
Oliver Boehmer (oboehmer)	Jan 11, 2005 3:34 pm
John Lyons	Jan 11, 2005 3:50 pm
Jon Lewis	Jan 11, 2005 8:50 pm
Oliver Boehmer (oboehmer)	Jan 12, 2005 4:11 am
Jon Lewis	Jan 12, 2005 7:04 am
Oliver Boehmer (oboehmer)	Jan 12, 2005 7:36 am
Jon Lewis	Jan 12, 2005 8:18 am
Oliver Boehmer (oboehmer)	Jan 12, 2005 8:30 am

	Permalink for this message Paste this link in email or IM:
	Permalink for this thread Paste this link in email or IM:
	Atom feed for this thread Paste this URL into your reader:

Subject:	[c-nsp] aaa different for console logins?	Actions...
From:	Jon Lewis (jle...@lewis.org)
Date:	Jan 11, 2005 8:50:17 pm
List:	net.nether.puck.cisco-nsp

On Tue, 11 Jan 2005, Oliver Boehmer (oboehmer) wrote:

by default, console sessions are not authorized via AAA (a safeguard against a misconfigured authorization). configure "aaa authorization console" (could be hidden, depending on IOS release) if you want to change this behaviour.

Ah, so thats to stop you from giving out enable on the console accidentally? It does use AAA for authentication on the console without doing anything special.

My reason for looking into this is that we use AAA (radius) to authenticate noc staff logins (so we don't have to change enable secrets any time someone leaves) and during emergencies when someone has to console in, I'd like them to get enable without having to tell them the "super secret enable secret".

	Start a set with this search
	Include this search in one of my sets
	Exclude this search from one of my sets
	Permalink to these results Paste this link in email or IM:
	Atom feed for tracking future search results Paste this URL into your reader: