User Accounts
User identification can best be accomplished with a aggregate of the username and countersign parameters. The antecedent section
discussed how to actualize able passwords that can be acclimated to accredit a user. This area elaborates on the aggregate the two.
To authorize a credential-based affidavit system, you can actualize usernames on a accessory for all accessory operators. Usernames
configured from all-around agreement access are stored in device's bounded database. Give anniversary abettor a login username for the
device. This allows you to clue which user makes changes to the agreement and can be advantageous for announcement and accounting
purposes. The login accounts are created with the username command and can be assigned altered advantage levels and
passwords. (Privilege levels are discussed in added detail after in the chapter.) Also agenda that back application the username secret
command, the countersign will be encrypted as an MD5 hash.
Router(config)# username {username} countersign {password}
Router(config)# username {username} abstruse {password}
Router(config)# username {username} advantage {priv_level}
User accounts can be acclimated for several applications—for example, animate or vty lines, VPN users, and alien dial-in users.
Accounts that are no best appropriate should be removed from the configuration.
A added scalable and adopted access is to use the authentication, authorization, and accounting (AAA) technology, which discussed in detail in the additional allotment of this book, "Identity Security and Access Management ."