Lenovo RackSwitch G8264 Application Manual page 5
For lenovo enterprise network operating system 8.4
Hide thumbs
Also See for RackSwitch G8264:
- Command reference manual (794 pages) ,
- Installation manual (106 pages) ,
- Product manual (26 pages)
Table of Contents
Advertisement
© Copyright Lenovo 2017
Part 2: Securing the Switch . . . . . . . . . . . . . . . . . . . . 93
Chapter 4. Securing Administration . . . . . . . . . . . . . . . . 95
Secure Shell and Secure Copy . . . . . . . . . . . . . . . . . . . . . .96
Configuring SSH/SCP Features on the Switch . . . . . . . . . . . . . .96
To Enable or Disable the SSH Feature . . . . . . . . . . . . . . .96
To Enable or Disable SCP Apply and Save . . . . . . . . . . . . .97
Configuring the SCP Administrator Password . . . . . . . . . . . . .97
Using SSH and SCP Client Commands . . . . . . . . . . . . . . . . .97
To Log Into the Switch . . . . . . . . . . . . . . . . . . . . . .97
To Copy the Switch Configuration File to the SCP Host . . . . . . . .97
To Load a Switch Configuration File from the SCP Host . . . . . . .98
To Apply and Save the Configuration . . . . . . . . . . . . . . .98
To Copy the Switch Image and Boot Files to the SCP Host . . . . . .98
To Load Switch Configuration Files from the SCP Host . . . . . . . .99
SSH and SCP Encryption of Management Messages . . . . . . . . . . .99
Generating RSA Host Key for SSH Access . . . . . . . . . . . . . . .99
SSH/SCP Integration with Radius Authentication . . . . . . . . . . . .99
SSH/SCP Integration with TACACS+ Authentication . . . . . . . . . 100
End User Access Control. . . . . . . . . . . . . . . . . . . . . . . . 101
Considerations for Configuring End User Accounts . . . . . . . . . . 101
Strong Passwords . . . . . . . . . . . . . . . . . . . . . . . . . 101
User Access Control . . . . . . . . . . . . . . . . . . . . . . . . 102
Setting up User IDs . . . . . . . . . . . . . . . . . . . . . . 102
Defining a User's Access Level . . . . . . . . . . . . . . . . . 102
Validating a User's Configuration . . . . . . . . . . . . . . . . 102
Enabling or Disabling a User . . . . . . . . . . . . . . . . . . 102
Locking Accounts . . . . . . . . . . . . . . . . . . . . . . . 102
Re-Enabling Locked Accounts. . . . . . . . . . . . . . . . . . 103
Listing Current Users . . . . . . . . . . . . . . . . . . . . . . . 103
Logging into an End User Account . . . . . . . . . . . . . . . . . 103
Chapter 5. Authentication & Authorization Protocols . . . . . . . . . 105
RADIUS Authentication and Authorization . . . . . . . . . . . . . . . 106
How RADIUS Authentication Works . . . . . . . . . . . . . . . . 106
Configuring RADIUS on the Switch . . . . . . . . . . . . . . . . . 106
RADIUS Authentication Features in Enterprise NOS . . . . . . . . . . 108
Switch User Accounts . . . . . . . . . . . . . . . . . . . . . . . 108
RADIUS Attributes for Enterprise NOS User Privileges . . . . . . . . 109
TACACS+ Authentication . . . . . . . . . . . . . . . . . . . . . . . 110
How TACACS+ Authentication Works. . . . . . . . . . . . . . . . 110
TACACS+ Authentication Features in Enterprise NOS . . . . . . . . . 111
Authorization . . . . . . . . . . . . . . . . . . . . . . . . . 111
Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . 112
Command Authorization and Logging . . . . . . . . . . . . . . . . 112
Configuring TACACS+ Authentication on the Switch . . . . . . . . . 113
LDAP Authentication and Authorization . . . . . . . . . . . . . . . . 114
Configuring the LDAP Server. . . . . . . . . . . . . . . . . . . . 114
Configuring LDAP Authentication on the Switch . . . . . . . . . . . 114
5
Contents
- Quick Links:
- Using a Web Browser
- Chapter 18. Stacking
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
