Authentication parameters

AAA authentication parameters
Name	Default	Range	Function
console, Telnet, SSH, web or port-access	n/a	n/a	Specifies the access method used when authenticating. TACACS+ authentication only uses the console, Telnet or SSH access methods.
`enable`	n/a	n/a	Specifies the manager (read/write) privilege level for the access method being configured.
`login <privilege-mode>`	privilege-mode disabled	n/a	`login`: Specifies the operator (read-only) privilege level for the access method being configured. The `privilege-mode` option enables TACACS+ for a single login. The authorized privilege level (operator or manager) is returned to the switch by the TACACS+ server.
`local` - or -`tacacs`	`local`	n/a	Specifies the primary method of authentication for the access method being configured. `local`: Use the username/password pair configured locally in the switch for the privilege level being configured `tacacs`: Use a TACACS+ server.
`local` - or -`none`	`none`	n/a	Specifies the secondary (backup) type of authentication being configured. `local`: The username/password pair configured locally in the switch for the privilege level being configured `none`: No secondary type of authentication for the specified method/privilege path. (Available only if the primary method of authentication for the access being configured is local.) NOTE: If you do not specify this parameter in the command line, the switch automatically assigns the secondary method as follows: If the primary method is `tacacs`, the only secondary method is `local`. If the primary method is `local`, the default secondary method is `none`.
`num-attempts`	3	1–10	In a given session, specifies how many tries at entering the correct username/password pair are allowed before access is denied and the session terminated.