Name

login — line

Synopsis

login [local | tacacs]
no login [login | tacacs]

Configures

The login authentication method for connections

Default

No authentication

Description

This command tells the line to authenticate the user before allowing access. If you give this command without any arguments, you must use the password command to specify a password for this line. The local keyword tells the router to maintain its own database of users, created using the username command. The tacacs keyword tells the router to authenticate users by contacting a TACACS server.

When using login local, make sure you have at least one username configured before you log out. Otherwise, you will be locked out of the specified lines.

Example

To enable simple authentication using a single password for all access through this line:

line vty 0 4
  login 
  password letmein

These commands enable authentication using a local database of usernames and user-specific passwords; users Bob, Ann, and John are the only ones able to log into this line.

username bob password letmein
username ann password letmein2
username john password letmein3
line vty 0 4
  login local

Get CISCO IOS in a Nutshell now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.