Scp Protocol Support; Radius Authentication - Avaya G350 Administration

Use the
ssh-client known-hosts
maintains a list of server fingerprints. If a key changes, the client's verification of the server's fingerprint
will fail, thereby preventing the client's access to the server. If this happens, you can use the
command to erase the client's server fingerprint list. This enables the client to access the
known-hosts
server and begin to recreate its list of fingerprints with the server's new fingerprint.
Use the
crypto key generate dsa
Use the
disconnect ssh
Use the
show ip ssh

SCP protocol support

In addition to data transfer via an SSH session, the SSH protocol is also used to support SCP for secure
file transfer. When using SCP, the G350 is the client, and an SCP server must be installed on the
management station. After users are defined on the SCP server, the G350 acts as an SCP client.
The process of establishing an SCP session is the same process as described in
page 33, except that the roles of the G350 and the client computer are reversed.
To perform file transfers secured by SCP, the G350 launches a local SSH client via the CLI. This
establishes a secured channel to the secured file server. The G350 authenticates itself to the server by
providing a user name and password. With a Windows-based SSH server (WinSSHD), the user name
provided must be a defined user on the Windows machine with read/write privileges. The files transferred
via SCP are saved in the C:\Documents and Settings\username directory.
The network element performs file transfer in unattended mode.

RADIUS authentication

If your network has a RADIUS server, you can configure the G350 to use RADIUS authentication. A
RADIUS server provides centralized authentication service for many devices on a network. When you
use RADIUS authentication, you do not need to configure usernames and passwords on the G350. When
you try to access the G350, the G350 searches for your username and password in its own database first.
If it does not find them, it activates RADIUS authentication.
To use RADIUS authentication:
1
Configure your RADIUS server with the usernames, passwords, and privilege levels that you
want to use on the G350.
2
Configure RADIUS authentication on the G350, as described below.
Use the following commands to configure RADIUS authentication on the G350. For more information
about these commands, see the Avaya™ G350 Media Gateway CLI Reference, 555-245-202.
1
Use the
2
Use the
This command must be followed by a text string. For example:
set radius authentication secret hush
Administration of the Avaya G350 Media Gateway
June 2004
command to clear the client's list of server fingerprints. Each client
command to generate an SSH host key pair.
command to disconnect an existing SSH session.
command to display a list of active SSH sessions.
set radius authentication enable
set radius authentication secret
Accessing the Avaya G350 Media Gateway
command to enable RADIUS authentication.
command to set the shared secret for the authentication.
Managing login permissions
ssh-client
SSH protocol support on
35