KB.15.15

Figure 101 Example of the switch TACACS+ configuration listing

Viewing key information

Use the show running-config command to display the key information.

Figure 102 Example running configuration file with host-specific key for TACACS+ with the "~"

included

Using TACACS+

Using the privilege-mode option for login

When using TACACS+ to control user access to the switch, first login with your username at the

operator privilege level using the password for operator privileges, then login again with the same

username but using the Manger password to obtain manager privileges. You can avoid this double

command to enable TACACS+ for a single login. The switch authenticates your username/password,

then requests the privilege level (operator or manager) that was configured on the TACACS+ server

for this username/password. The TACACS+ server returns the allowed privilege level to the switch.

You are placed directly into operator or manager mode, depending on your privilege level.

HP Switch(config) aaa authentication login privilege-mode

The no version of the above command disables TACACS+ single login capability.

Selecting the access method for configuration

Syntax:

aaa authentication

< console | telnet | ssh | web | port-access >

Selects the access method for configuration.

< enable >

The server grants privileges at the manager privilege level.

Using TACACS+ 131