2-20
Configuring Username and Password Security
Saving Security Credentials in a Config File
Include-Credentials Radius-Tacacs-Only Option
This option allows you to execute include-credentials for only RADIUS and
TACACS. The radius-tacacs-only option does not cause the switch to store
authentication passwords and SSH keys in the configuration file.
When include-credentials radius-tacacs-only is executed, this warning message
displays.
Syntax: [no] include-credentials [radius-tacacs-only | store-in-config]
Enables the inclusion of passwords and security credentials in
each configuration file when the file is saved onto a remote server
or workstation.
When no include-credentials is executed, include-credentials is
disabled. Credentials continue to be stored in the active and
inactive configuration files but are not displayed.
radius-tacacs-only: When executed with the radius-tacacs-only
option, only the RADIUS and TACACS security keys are
included in the configuration when saving files remotely.
The radius-tacacs-only option can be disabled with either
command:
no include-credentials
no include-credentials radius-tacacs-only
store-in-config: Stores passwords and SSH authorized keys in
the configuration files. This happens automatically when
include-credentials is enabled.
The no include-credentials store-in-config command disables
include-credentials and removes credentials stored in the
configuration files. The switch reverts to storing only a single
set of passwords and SSH keys, regardless of which
configuration file is booted.
To Next Page
Loading...
Need help?
General