Table of Contents
Advertisement
User authentication
3. (Optional) Paste a TLS certificate and private key in PEM format:
(config)> auth serial identiy "cert-and-private-key"
(config)>
4. Set the method used to verify the certificate of a remote peer:
(config)> auth serial verify value
(config)>
where value is either:
ca: Uses certificate authorities (CAs) to verify.
n
peer: Uses the remote peer's public certificate to verify.
n
5. By default, peers with certificates that have been signed by standard Certificate Authorities
(CAs) are allowed to authenticate. To disable:
(config)> auth serial ca_standard false
(config)>
6. Add the public certificate for a custom certificate authority:
(config)> add auth serial ca_certs CA-cert-name "cert-and-private-key"
(config)>
where:
CA-cert-name is the name of the certificate for the custom certificate authority.
n
cert-and-private-key is the certificate and private key for the custom certificate
n
authority.
Repeat for additional custom certificate authorities.
7. Save the configuration and apply the change:
(config)> save
Configuration saved.
>
8. Type exit to exit the Admin CLI.
Depending on your device configuration, you may be presented with an Access selection
menu. Type quit to disconnect from the device.
Disable shell access
To prohibit access to the shell prompt for all authentication groups, disable the Allow shell
parameter.. This does not prevent access to the Admin CLI.
Note
If shell access is disabled, re-enabling it will erase the device's configuration and perform a
factory reset.
Web
IX30 User Guide
Disable shell access
745
Advertisement
Table of Contents
