Table of Contents
Advertisement
User authentication
a. Click to expand Groups.
b. For Add Group, click .
c. For Group, select an appropriate group.
Note
Every user must be configured with at least one group. You can add multiple groups to a
user by clicking Add again and selecting the next group.
8. (Optional) Add SSH keys for the user to use passwordless SSH login:
a. Click SSH keys.
b. In Add SSH key, paste or type a public encryption key that this user can use for
passwordless SSH login and click .
9. (Optional) Configure two-factor authentication for SSH, telnet, and serial console login:
a. Click Two-factor authentication.
b. Check Enable to enable two-factor authentication for this user.
c. Select the Verification type:
n
n
d. Generate a Secret key:
i. Click ... next to the field label and select Generate secret key.
ii. Copy the secret key for use with an application or mobile device to generate
passcodes.
e. For time-based verification only, select Disallow code reuse to prevent a code from being
used more than once during the time that it is valid.
f. For time-based verification only, in Code refresh interval, type the amount of time that a
code will remain valid.
Allowed values are any number of weeks, days, hours, minutes, or seconds, and take the
format number{w|d|h|m|s}. For example, to set Code refresh interval to ten minutes,
enter 10m or 600s.
IX20 User Guide
Time-based (TOTP): Time-based One-Time Password (TOTP) authentication uses
the current time to generate a one-time password.
Counter-based (HOTP): HMAC-based One-Time Password (HOTP) uses a counter to
validate a one-time password.
Local users
600
Advertisement
Table of Contents
