Brocade TurboIron 24X Series Configuration Guide User Manual
Page 122
88
Brocade TurboIron 24X Series Configuration Guide
53-1003053-01
Configuring TACACS/TACACS+ security
AAA security for commands pasted into the running-config
If AAA security is enabled on the device, commands pasted into the running-config are subject to
the same AAA operations as if they were entered manually.
When you paste commands into the running-config, and AAA command authorization or
accounting, or both, are configured on the device, AAA operations are performed on the pasted
commands. The AAA operations are performed before the commands are actually added to the
running-config. The server performing the AAA operations should be reachable when you paste the
commands into the running-config file. If the device determines that a pasted command is invalid,
AAA operations are halted on the remaining commands. The remaining commands may not be
executed if command authorization is configured.
User logs in using Telnet/SSH
Login authentication:
aaa authentication login default
Exec authorization (TACACS+):
aaa authorization exec default tacacs+
Exec accounting start (TACACS+):
aaa accounting exec default
aaa accounting system default start-stop
User logs out of Telnet/SSH session
Command accounting (TACACS+):
aaa accounting commands
aaa accounting exec default start-stop
User enters system commands
(for example, reload, boot system)
Command authorization (TACACS+):
aaa authorization commands
Command accounting (TACACS+):
aaa accounting commands
aaa accounting system default start-stop
User enters the command:
[
no
]
aaa accounting system default
start-stop
Command authorization (TACACS+):
aaa authorization commands
Command accounting (TACACS+):
aaa accounting commands
aaa accounting system default start-stop
User enters other commands
Command authorization (TACACS+):
aaa authorization commands
Command accounting (TACACS+):
aaa accounting commands
TABLE 19
User action
Applicable AAA operations