Kentrox AI296 Computer Hardware User Manual


 
AI296 Version 9.8x User’s Guide
AI296 Commands: aaa
9-7
authen
Enables or disables TACACS+ authentication for AI296 command shell
access. TACACS+ authentication may be enabled on all connections,
or on a connection type basis. By default, TACACS+ authentication is
disabled on all connection types. The following parameters are
accepted:
z all—Enables or disables TACACS+ authentication on all
connection types.
Note: If no connection type is specified, all is automatically
selected.
z async—Enables or disables TACACS+ authentication on
asynchronous link connections.
z disable—Disables TACACS+ authentication.
z enable—Enables TACACS+ authentication.
z ftp—Enables or disables TACACS+ authentication on FTP
connections.
z telnet—Enables or disables TACACS+ authentication on Telnet
connections.
author
Configures the TACACS+ authorization method for the AI296 shell.
The authorization method can be either privilege level or
per-command. Privilege level authorization is based on the priv-lvl
returned from the TACACS+ server. Per-command authorization
requires AI296 to contact the TACACS+ server for each shell command
run by a user. Individual commands are then allowed or denied.
Note: Authorization is performed only on the connection types that
have enabled authentication. For information about enabling
authentication, refer to command
aaa authen.
The following parameters are accepted:
z command—Configures the TACACS+ authorization method that
requires to contact the TACACS+ server for each shell command
run by a user. Individual commands are then allowed or denied.
z priv-lvl—Configures the TACACS+ authorization method based
on the priv-lvl returned from the TACACS+ server.
chpass
Changes the current user’s password on the TACACS+ server.
Note: The TACACS+ server may not support, or be configured to
support, password changes.