Dell FCX624-S Laptop User Manual


  Open as PDF
of 1494
 
PowerConnect B-Series FCX Configuration Guide 1193
53-1002266-01
Configuring RADIUS security
32
NOTE
For examples of how to define authentication-method lists for types of authentication other than
RADIUS, refer to “Configuring authentication-method lists” on page 1198.
Entering privileged EXEC mode after a Telnet or SSH login
By default, a user enters User EXEC mode after a successful login through Telnet or SSH.
Optionally, you can configure the device so that a user enters Privileged EXEC mode after a Telnet
or SSH login. To do this, use the following command.
PowerConnect(config)#aaa authentication login privilege-mode
Syntax: aaa authentication login privilege-mode
The user privilege level is based on the privilege level granted during login.
Configuring enable authentication to prompt for password only
If Enable authentication is configured on the device, when a user attempts to gain Super User
access to the Privileged EXEC and CONFIG levels of the CLI, by default he or she is prompted for a
username and password. You can configure the Dell PowerConnect device to prompt only for a
password. The device uses the username entered at login, if one is available. If no username was
entered at login, the device prompts for both username and password.
To configure the Dell PowerConnect device to prompt only for a password when a user attempts to
gain Super User access to the Privileged EXEC and CONFIG levels of the CLI.
PowerConnect(config)#aaa authentication enable implicit-user
Syntax: [no] aaa authentication enable implicit-user
TABLE 205 Authentication method values
Method parameter Description
line Authenticate using the password you configured for Telnet access. The Telnet password is
configured using the enable telnet password… command. Refer to “Setting a Telnet
password” on page 1149.
enable Authenticate using the password you configured for the Super User privilege level. This
password is configured using the enable super-user-password… command. Refer to
“Setting passwords for management privilege levels” on page 1150.
local Authenticate using a local user name and password you configured on the device. Local
user names and passwords are configured using the username… command. Refer to
“Configuring a local user account” on page 1158.
tacacs Authenticate using the database on a TACACS server. You also must identify the server to
the device using the tacacs-server command.
tacacs+ Authenticate using the database on a TACACS+ server. You also must identify the server to
the device using the tacacs-server command.
radius Authenticate using the database on a RADIUS server. You also must identify the server to
the device using the radius-server command.
none Do not use any authentication method. The device automatically permits access.