Lenovo Flex System Fabric CN4093 Application Manual page 5
How to configure and use the enterprise nos 8.4 software on the 10 gb converged scalable switch
Hide thumbs
Also See for Flex System Fabric CN4093:
- Application manual (598 pages) ,
- Installation manual (72 pages) ,
- User manual (58 pages)
Table of Contents
Advertisement
© Copyright Lenovo 2017
Secure Shell and Secure Copy . . . . . . . . . . . . . . . . . . . . . .89
Configuring SSH/SCP Features on the Switch . . . . . . . . . . . . . .90
To Enable or Disable the SSH Feature . . . . . . . . . . . . . . .90
To Enable or Disable SCP . . . . . . . . . . . . . . . . . . . . .90
Configuring the SCP Administrator Password . . . . . . . . . . . . .90
Using SSH and SCP Client Commands . . . . . . . . . . . . . . . . .90
To Log In to the Switch from the Client . . . . . . . . . . . . . . .90
To Copy the Switch Configuration File to the SCP Host . . . . . . . .91
To Load a Switch Configuration File from the SCP Host . . . . . . .91
To Apply and Save the Configuration . . . . . . . . . . . . . . .91
To Copy the Switch Image and Boot Files to the SCP Host . . . . . .92
To Load Switch Configuration Files from the SCP Host . . . . . . . .92
SSH and SCP Encryption of Management Messages . . . . . . . . . . .93
Generating RSA Host Key for SSH Access . . . . . . . . . . . . . . .93
SSH/SCP Integration with RADIUS Authentication . . . . . . . . . . .93
SSH/SCP Integration with TACACS+ Authentication . . . . . . . . . .93
End User Access Control. . . . . . . . . . . . . . . . . . . . . . . . .94
Considerations for Configuring End User Accounts . . . . . . . . . . .94
Strong Passwords . . . . . . . . . . . . . . . . . . . . . . . . . .94
User Access Control Menu . . . . . . . . . . . . . . . . . . . . . .95
Setting Up User IDs . . . . . . . . . . . . . . . . . . . . . . .95
Defining a User's Access Level . . . . . . . . . . . . . . . . . .95
Validating a User's Configuration . . . . . . . . . . . . . . . . .95
Enabling or Disabling a User . . . . . . . . . . . . . . . . . . .95
Locking Accounts . . . . . . . . . . . . . . . . . . . . . . . .95
Re-enabling Locked Accounts . . . . . . . . . . . . . . . . . . .96
Listing Current Users . . . . . . . . . . . . . . . . . . . . . . . .96
Logging In to an End User Account . . . . . . . . . . . . . . . . . .96
Protected Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . .97
Stacking Mode . . . . . . . . . . . . . . . . . . . . . . . . . . .97
Chapter 5. Authentication & Authorization Protocols . . . . . . . . . 99
RADIUS Authentication and Authorization . . . . . . . . . . . . . . . 100
How RADIUS Authentication Works . . . . . . . . . . . . . . . . 100
Configuring RADIUS on the Switch . . . . . . . . . . . . . . . . . 101
RADIUS Authentication Features in Enterprise NOS . . . . . . . . . . 101
Switch User Accounts . . . . . . . . . . . . . . . . . . . . . . . 102
RADIUS Attributes for Enterprise NOS User Privileges . . . . . . . . 103
TACACS+ Authentication . . . . . . . . . . . . . . . . . . . . . . . 104
How TACACS+ Authentication Works. . . . . . . . . . . . . . . . 104
TACACS+ Authentication Features in Enterprise NOS . . . . . . . . . 105
Authorization . . . . . . . . . . . . . . . . . . . . . . . . . 105
Backdoor . . . . . . . . . . . . . . . . . . . . . . . . . . . 106
Accounting . . . . . . . . . . . . . . . . . . . . . . . . . . 106
Command Authorization and Logging . . . . . . . . . . . . . . . . 107
TACACS+ Password Change . . . . . . . . . . . . . . . . . . . . 109
Configuring TACACS+ Authentication on the Switch . . . . . . . . . 109
LDAP Authentication and Authorization . . . . . . . . . . . . . . . . 110
Configuring the LDAP Server. . . . . . . . . . . . . . . . . . . . 110
Configuring LDAP Authentication on the Switch . . . . . . . . . . . 111
5
Contents
Advertisement
Table of Contents
