Managing Network Devices
431
password is not set. You can tell the router to allow Telnet connections with-
out a password by using the no login command:
Router(config-line)#line vty 0 197
Router(config-line)#no login
After your routers are configured with an IP address, you can use the Tel-
net program to configure and check them instead of having to use a console
cable. You can use the Telnet program by typing telnet from any command
prompt (DOS or Cisco).
The Login Option
In the preceding examples, we used the login command to indicate to the
router where to find the login information that tells it to prompt for authen-
tication. For example, the login command was used in the console, auxil-
iary, and VTY lines. The system then automatically uses the line as a login
and will prompt for the password set under that particular line.
However, there are other options you can use that are more specific:
login
Indicates where to find the user information.
login local
Indicates that the information will be found locally in the
username statement (the username statement will be described shortly).
login authentication
Used in conjunction with the login tacacs
command to indicate that the login information is contained on a central-
ized authentication server.
login tacacs
Used in conjunction with the login authentication
command to indicate that the login information is contained on a central-
ized authentication server. Using a centralized server makes it easier to
maintain a large number of users and devices.
Cisco recommends that you require your users to log in to the system with
a username and password instead of just handing out the enable secret pass-
word to all administrators. Using this method allows you to keep track of
administrators and what changes they have made on a device.
To set up usernames, use the username command. Here is an example:
Username todd password console1
Copyright ©2000 SYBEX , Inc., Alameda, CA
www.sybex.com