Dell PowerEdge M805 User Manual
Page 110
72
Using the CLI
www
.dell.com | support.dell.com
CLI through Telnet, SSH, Serial Interfaces
The CLI is accessible through a local serial interface, a remote telnet, or secure shell sessions. Since
the serial interface requires a physical connection for access, it is used if all else fails. The serial
interface is the only interface from which the user may access the Easy Setup Wizard. It is the only
interface that the user can access if the remote authentication servers are down and the user has
not configured the system to revert to local managed accounts.
The following rules and specifications apply to these interfaces:
•
The CLI is accessible from remote telnet through the management IP address for the
switch.
•
The CLI is accessible from a secure shell interface.
•
The CLI generates keys for SSH locally.
•
The serial session defaults to 9600 baud rate, eight data bits, non-parity and one stop bit.
User Accounts Management
The CLI provides authentication for users either through remote authentication servers supporting
TACACS+ or Radius or through a set of locally managed user accounts. The setup wizard asks the
user to create the initial administrator account and password at the time the system is booted.
The following rules and specifications apply:
•
The user may create as many a five local user accounts.
•
User accounts have an access level, a user name, and a user password.
•
The user is able to delete the user accounts but the user will not be able to delete the last
level 15 account.
•
The user password is saved internally in encrypted format and never appears in clear text
anywhere on the CLI.
•
The CLI supports TACACS+ and Radius authentication servers.
•
The CLI allows the user to configure primary and secondary authentication servers. If the
primary authentication server fails to respond within a configurable period, the CLI
automatically tries the secondary authentication server.
•
The user can specify whether the CLI should revert to using local user accounts when the
remote authentication servers do not respond or if the CLI simply fails the login attempt
because the authentication servers are down. This requirement applies only when the
user is login through a telnet or an SSH session.
•
The CLI always allows the user to log in to a local serial port even if the remote
authentication server(s) are down. In this case, CLI reverts to using the locally configured
accounts to allow the user to log in.