hwtacacs scheme acs
primary authentication 10.222.250.13
primary authorization 10.222.250.13
primary accounting 10.222.250.13
secondary authentication 10.222.250.14
secondary authorization 10.222.250.14
secondary accounting 10.222.250.14
key authentication simple nas
key authorization simple nas
key accounting simple nas
user-name-format without-domain
nas-ip 12.2.8.20
quit
domain aaa
authentication login hwtacacs-scheme acs local
authorization login hwtacacs-scheme acs local
accounting login hwtacacs-scheme acs local
quit
domain default enable aaa
ssh server enable
public-key local create rsa //生成 RSA 密钥对,ssh配置很容易忘记这条命令
line vty 0 63
authentication-mode scheme
user-role network-admin
quit
local-user works class manage
password simple 123456
service-type ssh
authorization-attribute user-role network-admin
quit
Tacacs+配置请参考相关文档
