Filter
Top Products
Alteon OS Application Guide
60
Chapter 1: Accessing the Switch 42C4911, January 2007
SSH/SCP Integration with Radius Authentication
SSH/SCP is integrated with RADIUS authentication. After the RADIUS server is enabled on
the switch, all subsequent SSH authentication requests will be redirected to the specified
RADIUS servers for authentication. The redirection is transparent to the SSH clients.
SSH/SCP Integration with TACACS+ Authentication
SSH/SCP is integrated with TACACS+ authentication. After the TACACS+ server is enabled
on the switch, all subsequent SSH authentication requests will be redirected to the specified
TACACS+ servers for authentication. The redirection is transparent to the SSH clients.
SecurID Support
SSH/SCP can also work with SecurID, a token card-based authentication method. The use of
SecurID requires the interactive mode during login, which is not provided by the SSH connec-
tion.
NOTE – There is no SNMP or Browser-Based Interface (BBI) support for SecurID because the
SecurID server, ACE, is a one-time password authentication and requires an interactive ses-
sion.
Using SecurID with SSH
Using SecurID with SSH involves the following tasks.
To log in using SSH, use a special username, “ace,” to bypass the SSH authentication.
After an SSH connection is established, you are prompted to enter the username and pass-
word (the SecurID authentication is being performed now).
Provide your username and the token in your SecurID card as a regular Telnet user.
Using SecurID with SCP
Using SecurID with SCP can be accomplished in two ways:
Using a RADIUS server to store an administrator password.
You can configure a regular administrator with a fixed password in the RADIUS server if
it can be supported. A regular administrator with a fixed password in the RADIUS server
can perform both SSH and SCP with no additional authentication required.
Using an SCP-only administrator password.
Use the command, /cfg/sys/sshd/scpadm to bypass the checking of SecurID.