Specifications

ManualsBrandsDell ManualsComputer equipmentPowerConnect 5212



SSH authentication timeout: 100



SSH authentication retries: 5



Console#show ssh



Information of secure shell



Session Username Version Encrypt method Negotiation state



------- -------- ------- -------------- -----------------



0 admin 1.5 cipher-3des session-started



Console#

Authentication Settings

Remote Authentication Dial-in User Service (RADIUS) and Terminal Access Controller Access Control System Plus (TACACS+) are systems that use a central

server to control access to switches on a network. A server running RADIUS or TACACS+ software can be used to create a database of multiple user

name/password pairs with associated privilege levels for each user or group that require management access to a switch using the console port, Telnet, or

Internet.

The RADIUS system uses UDP while TACACS+ uses TCP. UDP only offers best effort delivery, while TCP offers a connection-oriented transport. Also, note that

RADIUS encrypts only the password in the access-request packet from the client to the server, while TACACS+ encrypts the entire body of the packet.

Both RADIUS and TACACS+ authentication control management access via the console port, Web browser, or Telnet. These access options must be configured

on the authentication server together with user names, passwords, and specific privilege levels for each user name/password pair.



The Switch/Security/Authentication Settings page contains the following editable fields:

l Authentication Sequence — Select the authentication, or authentication sequence, required: (Default: local)

¡ Local — The switch authenticates the user.

¡ RADIUS — A RADIUS server authenticates the user.

¡ TACACS — A TACACS+ server authenticates the user.

¡ Local, RADIUS — The switch attempts to authenticate the user first, and then a RADIUS server attempts to authenticate the user.

¡ Local, TACACS — The switch attempts to authenticate the user first, and then a TACACS+ server attempts to authenticate the user.

¡ RADIUS, Local — A RADIUS server attempts to authenticate the user first, and then the switch attempts to authenticate the user.

¡ RADIUS, TACACS — A RADIUS server attempts to authenticate the user first, and then a TACACS+ server attempts to authenticate the user.

¡ Local, RADIUS, TACACS — The switch attempts to authenticate the user first, then a RADIUS server, and then a TACACS+ server.

¡ Local, TACACS, RADIUS — The switch attempts to authenticate the user first, then a TACACS+ server, and then a RADIUS server.

¡ RADIUS, Local, TACACS — A RADIUS server attempts to authenticate the user first, then the switch, and then a TACACS+ server.

¡ RADIUS, TACACS, Local — A RADIUS server attempts to authenticate the user first, then a TACACS+ server, and then the switch.

¡ TACACS, Local, RADIUS — A TACACS+ server attempts to authenticate the user first, then the switch, and then a RADIUS server.

¡ TACACS, RADIUS, Local — A TACACS+ server attempts to authenticate the user first, then a RADIUS server, and then the switch.

l RADIUS Server Settings — If using a RADIUS server, specify the following details:

¡ Server IP Address — Identifies the IP address of the RADIUS server.

¡ Server Port Number — Identifies the User Datagram Protocol (UDP) port number used by the RADIUS server.

¡ Secret Text String — Specifies the text string that is shared between the switch and the RADIUS server. Do not use blank spaces in the string.

¡ Number of Server Transmits — Specifies the number of request transmits to the RADIUS server before failure.

¡ Timeout for a Reply — Specifies the number of seconds the switch waits for a reply from the RADIUS server before it resends the request.

NOTE: When you are setting up privilege levels on a RADIUS or TACACS+ server, level 0 allows Normal Exec access to the switch, and level 15 allows

Privileged Exec access.