show aaa authentication

Syntax

show aaa authentication [vsx-peer]

Description

Shows the authentication configuration per connection type (channel).

Command context

Operator (>) or Manager (#)

Parameters

[vsx-peer]

Shows the output from the VSX peer switch. If the switches do not have the VSX configuration or the ISL is down, the output from the VSX peer switch is not displayed. This parameter is available on switches that support VSX.

Authority

Operators or Administrators or local user group members with execution rights for this command. Operators can execute this command from the operator context (>) only.

Example

Configuring TACACS+ authentication sequences and then showing the configuration per connection type (channel):

switch(config)# aaa authentication login default group tg1 tg2 tg3 tg4 tacacs local
switch(config)# aaa authentication login ssh group tg1 tg2
switch(config)# aaa authentication login console group tg4 tacacs local
switch(config)# aaa authentication login https-server local group tacacs tg3
switch(config)# exit
switch# show aaa authentication

AAA Authentication:
  Fail-through              : Enabled
  Limit Login Attempts      : Not set
  Lockout Time              : 300
  Minimum Password Length   : Not set

Authentication for default channel:
---------------------------------------------------------------------------------
GROUP NAME                       | GROUP PRIORITY
---------------------------------------------------------------------------------
tg1                              | 0
tg2                              | 1
tg3                              | 2
tg4                              | 3
tacacs                           | 4
local                            | 5
---------------------------------------------------------------------------------

Authentication for ssh channel:
---------------------------------------------------------------------------------
GROUP NAME                       | GROUP PRIORITY
---------------------------------------------------------------------------------
tg1                              | 0
tg2                              | 1
---------------------------------------------------------------------------------

Authentication for console channel:
---------------------------------------------------------------------------------
GROUP NAME                       | GROUP PRIORITY
---------------------------------------------------------------------------------
tg4                              | 0
tacacs                           | 1
local                            | 2
---------------------------------------------------------------------------------

Authentication for https-server channel:
---------------------------------------------------------------------------------
GROUP NAME                       | GROUP PRIORITY
---------------------------------------------------------------------------------
local                            | 0
tacacs                           | 1
tg3                              | 2
---------------------------------------------------------------------------------

Configuring RADIUS authentication sequences and then showing the configuration per connection type (channel):

switch(config)# aaa authentication login default group rg1 rg2 rg3 rg4 radius local
switch(config)# aaa authentication login console group rg4 radius local
switch(config)# exit
switch# show aaa authentication

AAA Authentication:
  Fail-through              : Enabled
  Limit Login Attempts      : Not set
  Lockout Time              : 300
  Minimum Password Length   : Not set

Authentication for default channel:
---------------------------------------------------------------------------------
GROUP NAME                       | GROUP PRIORITY
---------------------------------------------------------------------------------
rg1                              | 0
rg2                              | 1
rg3                              | 2
rg4                              | 3
radius                           | 4
local                            | 5
---------------------------------------------------------------------------------

Authentication for console channel:
---------------------------------------------------------------------------------
GROUP NAME                       | GROUP PRIORITY
---------------------------------------------------------------------------------
rg4                              | 0
radius                           | 1
local                            | 2
---------------------------------------------------------------------------------

Configuring only default authentication and then showing the default connection type (channel):

switch(config)# aaa authentication login default local
switch(config)# exit
switch# show aaa authentication

AAA Authentication:
  Fail-through                          : Disabled
  Limit Login Attempts                  : Not set
  Lockout Time                          : 300
  Minimum Password Length               : Not set

Authentication for default channel:
---------------------------------------------------------------------------------
GROUP NAME                       | GROUP PRIORITY
---------------------------------------------------------------------------------
local                            | 0
---------------------------------------------------------------------------------