Avocent CPS1610 CPS User Manual

Page 31

Advertising
background image

Chapter 3: Operations

25

SSH Authentication Methods

Method Description

PW (default)

SSH connections will be authenticated with a username/
password. With this method, a user’s defi nition must include
a valid password in order for that user to authenticate an SSH
session. A password can authenticate to a DSAuth or RADIUS
server or to the local user database.

KEY

SSH connections will be authenticated with an SSH key. With this
method, a user’s defi nition must include valid SSH key information
in order for that user to authenticate an SSH session. Key
authentication is always local; RADIUS is not supported. For more
information, see SSH user keys in this chapter.

PW|KEY or KEY|PW

SSH connections will be authenticated with either a username/
password or an SSH key. If a user has only a password defi ned, that
user must authenticate an SSH session with a username/password.
If a user has only an SSH key defi ned, that user must authenticate
an SSH session using the key. If a user has both a password and an
SSH key defi ned, that user may use either a username/password or
the SSH key to authenticate an SSH session. This method allows the
CPS administrator to defi ne how each user will authenticate an SSH
session based on information provided in the User Add/Set command.

PW authentication will be local, RADIUS or DS as specifi ed in
the Encrypt parameter of the Server Security command. Key
authentication is always local.

PW&KEY or KEY&PW SSH connections will be authenticated using both a username/

password and an SSH key. With this method, a user’s defi nition
must include a password and SSH key information for that user to
authenticate an SSH session.

PW authentication will be local, RADIUS or DS as specifi ed in
the Encrypt parameter of the Server Security command. Key
authentication is always local.

A user’s access rights are determined from the authentication method used.

SSH key authentication always uses the access rights from the local user

database. Depending on the server authentication mode specified with the

Server Security command, SSH password authentication will use either the

access rights from the local user database, the DS authentication server or the

values returned by the RADIUS server.

With either of the “or” methods (PW|KEY and KEY|PW), the user access rights

are determined from the method used to authenticate the user.

With either of the “and” methods (PW&KEY and KEY&PW), the user access

rights are determined from the first method specified. If PW&KEY is specified,

the access rights from the password authentication will be used. If KEY&PW is

specified, the access rights from the key authentication will be used.

Advertising
Popular Brands
Popular manuals