End user access control, Considerations for configuring end user accounts, Strong passwords – Blade ICE RACKSWITCH G8124-E User Manual

Page 62

Advertising
background image

BLADEOS 6.5.2 Application Guide

62 Chapter 3: Securing Administration

BMD00220, October 2010

End User Access Control

BLADEOS allows an administrator to define end user accounts that permit end users to perform
operation tasks via the switch CLI commands. Once end user accounts are configured and enabled,
the switch requires username/password authentication.

For example, an administrator can assign a user, who can then log into the switch and perform
operational commands (effective only until the next switch reboot).

Considerations for Configuring End User Accounts

A maximum of 10 user IDs are supported on the switch.

BLADEOS supports end user support for console, Telnet, BBI, and SSHv1/v2 access to the
switch.

If RADIUS authentication is used, the user password on the Radius server will override the
user password on the G8124. Also note that the password change command only modifies only
the user password on the switch and has no effect on the user password on the Radius server.
Radius authentication and user password cannot be used concurrently to access the switch.

Passwords for end users can be up to 128 characters in length.

Strong Passwords

The administrator can require use of Strong Passwords for users to access the G8124. Strong
Passwords enhance security because they make password guessing more difficult.

The following rules apply when Strong Passwords are enabled:

Each passwords must be 8 to 14 characters

Within the first 8 characters, the password:

must have at least one number or one symbol

must have both upper and lower case letters

cannot be the same as any four previously used passwords

The following are examples of strong passwords:

1234AbcXyz

Super+User

Exo1cet2

Advertising
This manual is related to the following products: