Using security lock-out – Avocent CCM4850 User Manual

Page 37

Advertising
background image

Chapter 3: Operations 25

You may also use this command to delete a RADIUS server definition.
SERVER RADIUS PRIMARY|SECONDARY DELETE
For more information, see Server RADIUS command on page 52.

2. Issue a Server Security command, using the Authentication parameter to specify the authenti-

cation method. Use the Encrypt parameter to enable plain text Telnet connections, SSH con-
nections or both.
SERVER SECURITY AUTHENTICATION=<auth> ENCRYPT=<conns>
You may optionally specify both RADIUS and local authentication, in either order. In tis case,
authentication will be attempted initially on the first method specified. If that fails, the second
method will be used for authentication.
When SSH session access is enabled, you must specify an authentication method other
than None.

3. You are prompted to save the information. Enter

Y

to confirm or

N

to cancel.

To display authentication configuration information:

1. Issue a Show Server Security command.

SHOW SERVER SECURITY
The display includes the current CCM appliance authentication settings that were configured
with the Server Security command. If SSH access has been enabled, the display indicates
SSH2. Regardless of whether SSH is enabled, the display includes the authentication method
specified with the Server SSH command.

2. To display CCM RADIUS settings that were configured with the Server RADIUS command,

issue a Show Server RADIUS command.
SHOW SERVER RADIUS

For more information, see Server Security command on page 53, Show Server Security command
on page 62, Show Server RADIUS command on page 62 and Connecting to devices using SSH on
page 15.

Using security lock-out

When the security lock-out feature is enabled, a user account will be locked-out after five
consecutive authentication failures. A successful authentication will reset the counter to zero. You
may configure a lock-out period of 1-99 hours. A lock-out period of zero disables the feature; that
is, user accounts will not be locked-out.
A locked account will remain locked until the specified time elapses, the CCM appliance is power-
cycled or the account is unlocked by an administrator with the User Unlock command. A user with
the ADMIN access level may unlock all users except a user with the APPLIANCEADMIN level. A
user with the APPLIANCEADMIN level may unlock all users.

Advertising
Popular Brands
Popular manuals