Authentication For Ssh Users By An Ldap Server - HP 6125XLG Configuration Manual
Blade switch security configuration guide
Hide thumbs
Also See for 6125XLG:
- Layer 3 - ip routing configuration manual (492 pages) ,
- Command reference manual (466 pages) ,
- Configuration manual (414 pages)
Table of Contents
Advertisement
# Create a RADIUS scheme.
[Switch] radius scheme rad
# Specify the primary authentication server.
[Switch-radius-rad] primary authentication 10.1.1.1 1812
# Set the shared key for secure communication with the server to expert in plain text.
[Switch-radius-rad] key authentication simple expert
# Include the domain names in usernames sent to the RADIUS server.
[Switch-radius-rad] user-name-format with-domain
[Switch-radius-rad] quit
# Create ISP domain bbb and configure AAA methods for login users.
[Switch] domain bbb
[Switch-isp-bbb] authentication login radius-scheme rad
[Switch-isp-bbb] authorization login radius-scheme rad
[Switch-isp-bbb] accounting login none
[Switch-isp-bbb] quit
Verifying the configuration
When the user initiates an SSH connection to the switch and enter the username hello@bbb and the
correct password, the user successfully logs in and can use the commands for the network-operator user
role.
Authentication for SSH users by an LDAP server
Network requirements
As shown in
ldap.com.
Configure the switch to authenticate SSH users by using the LDAP server, and to assign the default user
role network-operator to SSH users who pass authentication.
On the LDAP server, set the administrator password to admin!123456, add user aaa, and set the user's
password to ldap!123456.
Figure 16 Network diagram
Configuration procedure
1.
Configure the LDAP server:
Figure
16, an LDAP server is at the IP address 10.1.1.1/24 and uses the domain name
51
Advertisement
Table of Contents
Troubleshooting
