2-11
Configuring Username and Password Security
Saving Security Credentials in a Config File
■ The chapter on “Switch Memory and Configuration” in the Management
and Configuration Guide.
■ “Configuring Local Password Security” on page 2-6 in this guide.
Enabling the Storage and Display of Security
Credentials
To enable the security settings, enter the include-credentials command.
Security Settings that Can Be Saved
The security settings that can be saved are:
■ Local manager and operator passwords and user names
■ SNMP security credentials, including SNMPv1 community names and
SNMPv3 usernames, authentication, and privacy settings
■ 802.1X port-access passwords and usernames
■ TACACS+ encryption keys
■ RADIUS shared secret (encryption) keys
■ Public keys of SSH-enabled management stations that are used by the
switch to authenticate SSH clients that try to connect to the switch
Syntax: [no] include-credentials
Enables the inclusion and display of the currently configured
manager and operator usernames and passwords, RADIUS shared
secret keys, SNMP and 802.1X authenticator (port-access) security
credentials, and SSH client public-keys in the running
configuration.
To view the currently configured security settings in the running
configuration, enter one of the following commands:
■ show running-config: Displays the configuration settings in the
current running-config file.
■ write terminal: Displays the configuration settings in the current
running-config file.
For more information, refer to “Switch Memory and
Configuration” in the Management and Configuration Guide.
The “no” form of the command disables only the display and copying
of these security parameters from the running configuration, while
the security settings remain active in the running configuration.
Default: The security credentials described in “Security Settings
that Can Be Saved” on page 2-11 are not stored in the running
configuration.
