Configuration notes, Tacacs and tacacs, Tacacs+ show commands – Brocade 6910 Ethernet Access Switch Diagnostic Guide (Supporting R2.2.0.0) User Manual

Brocade 6910 Ethernet Access Switch Diagnostic Guide

69

53-1002653-01

7

DRAFT: BROCADE CONFIDENTIAL

TACACS and TACACS+

Storage Type : volatile

Row Status : active

show snmp user

Syntax: show snmp user

This command displays the definition of local and remote SNMP user accounts, as shown in the
following example.

Configuration notes

•

SNMP read-only or read-write community strings are always required for SNMP access to the
device.

•

SNMP access is enabled by default.

•

If you do not enable Telnet access, you can access the CLI using a serial connection to the
console port. If you do not enable SNMP access, you will not be able to use or SNMP
management applications.

•

For management access, you must configure authentication-method lists if you want the
device to authenticate access using local user accounts or a RADIUS server. Otherwise, the
device will authenticate using only the locally based password for the Administrator privilege
level.

TACACS and TACACS+

Terminal Access Controller Access Control System Plus (TACACS+) is an enhancement to the
TACACS security protocol. TACACS+ improves on TACACS by separating the functions of
authentication, authorization, and accounting (AAA) and by encrypting all the traffic between the
Brocade device and the TACACS+ server.

TACACS+ show commands

show tacacs-server

Syntax: show tacacs-server

Console# show snmp user

EngineId: 800000ca030030f1df9ca00000

User Name: steve

Authentication Protocol: md5

Privacy Protocol: des56

Storage Type: nonvolatile

Row Status: active

SNMP remote user

EngineId: 80000000030004e2b316c54321

User Name: mark

Authentication Protocol: mdt

Privacy Protocol: des56

Storage Type: nonvolatile

Row Status: active