Administrator Guide

RADIUS Accounting
AAA Authentication
Configuration Task List for AAA Authentication
Obscuring Passwords and Keys
AAA Authorization
Privilege Levels Overview
Configuration Task List for Privilege Levels
RADIUS
RADIUS Authentication
Configuration Task List for RADIUS
RADIUS-assigned dynamic access control lists
Support for Change of Authorization and Disconnect Messages packets
TACACS+
Configuration Task List for TACACS+
TACACS+ Remote Authentication
Command Authorization
Protection from TCP Tiny and Overlapping Fragment Attacks
Enabling SCP and SSH
Using SCP with SSH to Copy a Software Image
Removing the RSA Host Keys and Zeroizing Storage
Configuring When to Re-generate an SSH Key
Configuring the SSH Server Key Exchange Algorithm
Configuring the HMAC Algorithm for the SSH Server
Configuring the HMAC Algorithm for the SSH Client
Configuring the SSH Server Cipher List
Configuring the SSH Client Cipher List
Configuring DNS in the SSH Server
Secure Shell Authentication
Troubleshooting SSH
Telnet
VTY Line and Access-Class Configuration
VTY Line Local Authentication and Authorization
VTY Line Remote Authentication and Authorization
VTY MAC-SA Filter Support
Role-Based Access Control
Overview of RBAC
User Roles
AAA Authentication and Authorization for Roles
Role Accounting
Display Information About User Roles
Two Factor Authentication (2FA)
Handling Access-Challenge Message
Configuring Challenge Response Authentication for SSHv2
SMS-OTP Mechanism
Configuring the System to Drop Certain ICMP Reply Messages
Dell EMC Networking OS Security Hardening
Dell EMC Networking OS Image Verification
Startup Configuration Verification
Configuring the root User Password
Locking Access to GRUB Interface