Authentication summary – Avocent CPS1610 CPS User Manual

Page 39

Advertising
background image

Chapter 3: Operations

33

This method cannot be used when SSH connections are enabled, nor can it be

combined with any other authentication method.

Authentication summary

The CPS allows concurrent use of multiple authentication modes. This allows

Telnet, SSH and DSView clients to all access a single CPS as long as the

appropriate authentication methods are enabled.

For example, if you enable DS and local authentication, DSView clients will

always be authenticated using DSAuth. Telnet, SSL and SSH clients will be

authenticated using DS first, and the CPS local user database second.

Similarly, if you enable DS and RADIUS authentication, DSView clients will

always be authenticated using DSAuth. Telnet, SSL and SSH clients will be

authenticated using the RADIUS servers.

As indicated above, the DS authentication server will always be used for DSView

clients. For Telnet, SSL and SSH clients, the order in which you specify the

authentication methods determines the order in which each method is used.

For example, if you enable local and RADIUS authentication (in that order),

authentication uses the CPS user database. If that fails, authentication goes to

the defined RADIUS servers. If you enable RADIUS and local authentication

(in that order), authentication goes first to the defined RADIUS servers. If that

fails, the local CPS user database is used.

To specify the authentication mode:

1.

For RADIUS authentication, issue a Server RADIUS command.

SERVER RADIUS PRIMARY|SECONDARY IP=<radius_ip>
SECRET=<secret> USER-RIGHTS=<attr> [AUTHPORT=<udp>]
[TIMEOUT=<time-out>] [RETRIES=<retry>]

You must specify the server’s IP address, the UDP port to be used and a
“secret” to be used. You must also specify a user-rights attribute value that
matches a value in the RADIUS server’s dictionary.

You may also use this command to delete a RADIUS server defi nition.

SERVER RADIUS PRIMARY|SECONDARY DELETE

For more information, see Server RADIUS command in Chapter 5.

2.

Issue a Server Security command, using the Authentication parameter to
specify the authentication mode and the Encrypt parameter to specify the
encryption type.

SERVER SECURITY AUTHENTICATION=<auth_mode>

Advertising
Popular Brands
Popular manuals