Disable username prompt for management interface authentication in the Quick Base system

Authentication bypass for the username when logging onto the switch.

Syntax:

[no]aaa authentication disable-username

Use the disable-username command in manager mode to by-pass prompting username at the authentication feature of the switch. Execution of the above command on the switch enables the switch to bypass prompting username if applicable and only password is used for authentication only when both operator and manager usernames are default. The disable-username command will display an acceptance option and security warning message similar to the following:
Bypass username during authentication while logging 
into the device to get Manager or Operator access? (y/n)
Entering “y/Y” will complete setting the command.

The default configuration of the switch is to authenticate based on username and password. This command is disabled by default in the switch configuration. An event log message (warning) will be logged that relates to this command. The event log message with be similar to the following:
W 05/22/13 21:02:06 00419 auth: Bypassing the username 
for Operator and Manager access level is enabled
NOTE: The protocols SFTP and SCP which are based on SSH will exhibit similar behavior as SSH. There are no changes required for PCM and IDM.

Switch behavior with Telnet

The behavior of the switch software in different management interfaces when the disable-username command is enabled.

Telnet Example: 1:

Operator password: Set                                  Manager password: Not set
Operator username: Not set                              Manager username: Not set 
Entering the operator password will log onto the switch in operator mode.

Entering the enable command in operator mode will provide access to the switch in manager.

Telnet Example: 2:

Operator password: Not set                              Manager password: Set
Operator username: Not set                              Manager username: Not set
Entering the manager password will log onto the switch in manager mode.

Entering the enable command in the operator mode will prompt for the password to be entered for manager mode.

Telnet Example: 3:

Operator password: Set                          Manager password: Set
Operator username: Not set                      Manager username: Not set
Entering the operator password will log onto the switch in operator mode.

Entering the enable command in the operator mode will prompt for the password to be entered for manager mode.

Entering the manager password will log onto the switch in manager mode.

Telnet Example: 4:

Operator password: Set                  Manager password: Set
Operator username: Not set              Manager username: Not set 
Both Operator and Manager Passwords are the same

Entering the common password will log onto the switch in manager mode

User login screen

Switch behavior with SSH

There is no username prompt in SSH, (for example: ssh any_username@IP-address). The following configuration examples are related to SSH:

SSH configuration Example: 1:

In the following configuration, the password is entered without the username. Once the enable command is entered, the username prompt will be bypassed.
Operator password: Set                                  Manager password: Not set
Operator username: Not set        Manager username: Not set
Entering the operator password will log onto the switch in operator mode.

Entering the enable command in the operator mode will prompt for the password to be entered for manager mode.

SSH configuration Example: 2:

Operator password: Not set                                      Manager password: Set
Operator username: Not set                                      Manager username: Not set
Executing any key will log onto the switch in operator mode.

Entering the enable command in the operator mode will prompt for the password to be entered for manager mode

The manager password will log onto the manager mode.

SSH configuration Example: 3:

Operator password: Set                                   Manager password: Set
Operator username: Not set                               Manager username: Not set
Entering the operator password will log onto the switch in operator mode.

Entering the enable command in the operator mode will prompt for the password to be entered for manager mode.

SSH configuration Example: 4:

Operator password: Set                                          Manager password: Set
Operator username: Not set                                      Manager username: Not set
Both Operator and Manager passwords are the same

Entering the password logs onto the switch in the manager mode.

SSH configuration screen

Switch behavior with WebUI

The user is prompted for both username and password. Any entry including blank in the username field is allowed. This condition is true for all the below configuration.

WebUI configuration Example: 1:

Operator password: Set                          Manager password: Not set
Operator username: Not set                      Manager username: Not set
Entering only the operator password, logs onto the switch in manager mode because manager password has not been set.

WebUI configuration Example: 2:

Operator password: Not set                       Manager password: Set
Operator username: Not set                               Manager username: Not set
Selecting the login link on the WebUI will prompt for log in.

Entering only the manager password, logs onto the switch in manager mode.

WebUI configuration Example: 3:

Operator password: Set                                  Manager password: Set
Operator username: Not set                              Manager username: Not set
Logging in using the operator password logs onto the switch in operator mode.

Entering only the manager password, logs onto the switch in manager mode.

WebUI configuration Example: 4:

Operator password: Set                                  Manager password: Set
Operator username: Not set                              Manager username: Not set
Both Operator and Manager passwords are the same

Entering only the password, logs onto the switch in manager mode.

WebUI logon screen


	NOTE: This feature does not capture solutions for other applications that mandate the username and does not capture the solution based on the type of management interface used.

prev	up	next
Configuring the switch for SSH operation	home	SSH client public-key authentication notes


	NOTE: The protocols SFTP and SCP which are based on SSH will exhibit similar behavior as SSH. There are no changes required for PCM and IDM.