AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers

149

RouterOS v3 Configuration and User Guide

 

 

 

use-radius(yes no; default: no) - specifies whether a user database on a RADIUS server should be consulted

￿

The RADIUS user database is queried only if the required username is not found in the local user database

Example

To enable RADIUS AAA, enter the following command:

[admin@AT-WR4562] user aaa> set use-radius=yes

[admin@AT-WR4562] user aaa> print use-radius: yes accounting: yes

interim-update: 0s default-group: read

[admin@AT-WR4562] user aaa>

7.3.6 SSH keys

Submenu level: /user ssh-keys

Description

Remote users may be allowed to log in without using password authentication and even ever entering their password, but by using pregenerated DSA openssh SSH keys instead. Note that if you use puttygen, convert generated keys to right type.

Property Description

key-owner(read-only: text) - emote user, as specified in the key file

user (name) - the user that is allowed to log in using this key (must exist in the user list)

Command Description

import - import the uploaded DSA key user - the user the imported key is linked to file - filename of the DSA key to import

Example

Generating key on a linux machine:

sh-3.00$ ssh-keygen -t dsa -f ./id_dsa Generating public/private dsa key pair. Enter passphrase (empty for no passphrase): Enter same passphrase again:

Your identification has been saved in ./id_dsa. Your public key has been saved in ./id_dsa.pub. The key fingerprint is:

91:d7:08:be:b6:a1:67:5e:81:02:cb:4d:47:d6:a0:3b admin-ssh@test

Importing the generated (ang uploaded) key:

[admin@AT-WR4562] user ssh-keys> print

# USERKEY-OWNER

[admin@AT-WR4562] user ssh-keys> import file=id_dsa.pub user=admin-ssh

[admin@AT-WR4562] user ssh-keys> print

#

USER

KEY-OWNER

0

admin-ssh

admin-ssh@test

[admin@AT-WR4562] user ssh-keys>

Page 149
Image 149
Allied Telesis AT-WR4500 manual SSH keys, To enable Radius AAA, enter the following command, Submenu level /user ssh-keys