Tacacs - Lantronix SecureLinx SLC8 User Manual

To configure the SLC to use Kerberos to authenticate users who log in via the
Web, SSH, Telnet, or the console port:
set kerberos <one or more parameters>
Parameters:
To set user group and permissions for Kerberos users:
set kerberos group <default|power|admin>
To set permissions for Kerberos users not already defined by the user rights
group:
set kerberos permissions <Permission List>
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, pc,
rs, rc, dr, wb, sn, ad
To remove a permission, type a minus sign before the two-letter abbreviation for a user
right.
To set a default custom menu for Kerberos users:
set kerberos custommenu <Menu Name>
To view Kerberos settings:
show kerberos

TACACS+

Similar to RADIUS, the main function of TACACS+ is to perform authentication for remote
access. The SLC supports the TACACS+ protocol (not the older TACACS or XTACACS
protocols).
The system administrator can configure the SLC to use TACACS+ to authenticate users
attempting to log in using the Web, Telnet, SSH, or the console port.
Users who are authenticated through Kerberos are granted device port access through
the port permissions on this page.
All Kerberos users are members of a group that has predefined user rights associated
with it. You can add additional user rights that are not defined by the group.
SecureLinx SLC User Guide
breakseq <1-10 Chars>
clearports <Port List>
dataports <Port List>
escapeseq <1-10 Chars>
ipaddr <Key Distribution Center IP Address>
kdc <Key Distribution Center>
listenports <Port List>
port <Key Distribution Center TCP Port>
realm <Kerberos Realm>
state <enable|disable>
useldapforlookup <enable|disable>
11: User Authentication
152