Avocent CCM1640, CCM840 31

Chapter 3: Operations	25

Server Security command, SSH password authentication will use either the access rights from the local user database or the values returned by the RADIUS server.

With either of the “or” methods (PWKEY and KEYPW), the user access rights are determined from the method used to authenticate the user.

With either of the “and” methods (PW&KEY and KEY&PW), the user access rights are determined from the first method specified. If PW&KEY is specified, the access rights from the password authentication will be used. If KEY&PW is specified, the access rights from the key authentication will be used.

For more information, see Using Authentication Modes in this chapter.

SSH user keys

A user’s SSH key is specified in a User Add or User Set command. You may define a key even if SSH is not currently enabled. The key may be specified in one of two ways:

•When using the SSHKEY and FTPIP keyword pair to deﬁne the network location of a user’s SSH key ﬁle, the SSHKEY parameter speciﬁes the name of the uuencoded (UNIX to UNIX encoded) public key ﬁle on an FTP server. The maximum ﬁle size that can be received is 4K bytes. The FTPIP parameter speciﬁes the FTP server’s IP address.

When this method is speciﬁed, the CCM initiates an FTP client request to the speciﬁed IP address. The CCM then prompts the user for an FTP user- name and password for connection. When connected, the CCM will GET the speciﬁed key ﬁle and the FTP connection will be closed. The CCM then stores the SSH key with the username in the CCM user database.

•When using the KEY keyword to specify the SSH key, the KEY param- eter speciﬁes the actual uuencoded SSH key. This is for conﬁgurations that do not implement an FTP server. The CCM stores the speciﬁed key in the CCM user database.

The CCM processes a uuencoded SSH2 public key file with the format described in the IETF document draft-ietf-secshpublickeyfile-02. The key must follow all format requirements. The UNIX ssh-keygen2 generates this file format. The CCM also processes a uuencoded SSH1 public key file. The UNIX ssh-keygen generates this file format.

You may also generate SSH user keys via AVWorks. See the AVWorks Installer/ User Guide.

Contents

Page Page Page Page Table of Contents Page 1 Product Overview Page Chapter 1: Product Overview Features and Benefits Safety Precautions Rack mount safety considerations Using AVWorks Page Installation and Configuration Page Chapter 2: Installation and Configuration Hardware Overview Installing the CCM Configuring the CCM Configuring the IP address and subnet mask To conﬁgure the IP address and subnet mask using a Telnet CLI: To conﬁgure the CCM using the serial CLI: Initial CCM login Reinitializing the CCM 3 Operations Page Chapter 3: Operations Overview Configuring Serial Port Settings Connecting to Serial Devices Connecting to devices using Telnet Connecting to devices from the serial CLI port Configuring and using dial-inconnections Connecting to devices using PPP Connecting to devices using SSH SSH Authentication Methods Page Enabling plain text Telnet and SSH connections Telnet CLI mode Ending device sessions Session time-outs Managing User Accounts To change a user’s conﬁguration information: To end another user’s CCM session: To delete a user: To display user conﬁguration information: Access rights and levels Using Authentication Modes Authentication summary Using Security Lock-out Managing the Port History Buffer Using port history mode commands Port History Mode Commands To access port history mode: To control the port history buffer display when you connect: To control the port history buffer content when you end a session: To clear and discard all data in a port history buffer: Managing the CCM Using SNMP To add or delete SNMP management entity addresses: To enable or disable SNMP traps: To add or delete SNMP trap destination addresses: To add, copy or delete port alert strings: To display SNMP conﬁguration information: To display port alert string information: 4 Using CCM Commands Page Chapter 4: Using CCM Commands Accessing the CLI Entering Commands When commands take effect Understanding Conventions Command syntax Page Syntax conventions Command Summary CCM Command Summary (Continued) Page Page Page 5 CCM Commands Page Chapter 5: CCM Commands Connect Command Disconnect Command Help Command Port Commands Port Alert Add command Port Alert Copy command Port Alert Delete command Port Break command Port History command Port Logout command Port Set command Page Quit Command Resume Command Server Commands Server CLI command Server FLASH command Server PPP command Server RADIUS command Server Reboot command Server Security command Server Set command Server SNMP command Server SNMP Community command Server SNMP Manager command Server SNMP Trap command Server SNMP Trap Destination command Server SSH command Show Commands Show Port command Page Show Port Alert command Show Server command Show Server CLI command Show Server PPP command Show Server RADIUS command Show Server Security command Show Server SNMP command Show User command SPC Command User Commands User Add command Page User Delete command User Logout command User Set command User Unlock command Page Appendices Page Appendices Appendix A: Technical Specifications Appendix B: Device Cabling Page RJ-45modular adaptors and cables Page Appendix C: Ports Used Appendix D: Technical Support