11: User Authentication

TACACS+ Commands

These commands for the command line interface correspond to the web page entries described above.

To configure the SLB branch office manager to use TACACS+ to authenticate users who log in via the Web, SSH, Telnet, or the console port:

set tacacs+ <one or more parameters>

Parameters:

accessoutlets <Outlet List> breakseq <1-10 Chars> clearports <Port List> dataports <Port List> encrypt <enabledisable> escapeseq <1-10 Chars> listenports <Port List> secret <TACACS+ Secret> server1 <IP Address or Name> server2 <IP Address or Name> server3 <IP Address or Name> state <enabledisable>

To set user group and permissions for TACACS+ users:

set tacacs+ group <defaultpoweradmin>

To set permissions for TACACS+ users not already defined by the user rights group:

set tacacs+ permissions <Permission List>

where

<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, pc, rs, rc, dr, wb, sn, ad

To remove a permission, type a minus sign before the two-letter abbreviation for a user right.

To set a default custom menu for TACACS+ users:

set tacacs+ custommenu <Menu Name>

To view TACACS+ settings:

show tacacs+

SSH Keys

The SLB branch office manager can import and export SSH keys to facilitate shared key authentication for all incoming and outgoing SSH connections. By using a public/private key pair, a user can access multiple hosts with a single passphrase, or, if a passphrase is

SLB™ Branch Office Manager User Guide

166

Page 166
Image 166
Lantronix 900-510 manual SSH Keys, TACACS+ Commands, To set user group and permissions for TACACS+ users