Administrator Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

RADIUS Accounting..................................................................................................................................................688

AAA Authentication........................................................................................................................................................ 693

Configuration Task List for AAA Authentication............................................................................................... 693

Obscuring Passwords and Keys.................................................................................................................................. 696

AAA Authorization.......................................................................................................................................................... 696

Privilege Levels Overview....................................................................................................................................... 697

Configuration Task List for Privilege Levels....................................................................................................... 697

RADIUS...............................................................................................................................................................................701

RADIUS Authentication............................................................................................................................................ 701

Configuration Task List for RADIUS..................................................................................................................... 702

RADIUS-assigned dynamic access control lists.................................................................................................705

Support for Change of Authorization and Disconnect Messages packets................................................. 709

TACACS+..........................................................................................................................................................................720

Configuration Task List for TACACS+................................................................................................................. 720

TACACS+ Remote Authentication.........................................................................................................................721

Command Authorization.......................................................................................................................................... 722

Protection from TCP Tiny and Overlapping Fragment Attacks...........................................................................722

Enabling SCP and SSH...................................................................................................................................................723

Using SCP with SSH to Copy a Software Image...............................................................................................723

Removing the RSA Host Keys and Zeroizing Storage .................................................................................... 724

Configuring When to Re-generate an SSH Key ................................................................................................724

Configuring the SSH Server Key Exchange Algorithm.................................................................................... 725

Configuring the HMAC Algorithm for the SSH Server.................................................................................... 725

Configuring the HMAC Algorithm for the SSH Client...................................................................................... 726

Configuring the SSH Server Cipher List..............................................................................................................726

Configuring the SSH Client Cipher List................................................................................................................727

Configuring DNS in the SSH Server..................................................................................................................... 727

Secure Shell Authentication....................................................................................................................................728

Troubleshooting SSH................................................................................................................................................730

Telnet................................................................................................................................................................................. 730

VTY Line and Access-Class Configuration.................................................................................................................731

VTY Line Local Authentication and Authorization..............................................................................................731

VTY Line Remote Authentication and Authorization........................................................................................ 732

VTY MAC-SA Filter Support...................................................................................................................................732

Role-Based Access Control.......................................................................................................................................... 732

Overview of RBAC.................................................................................................................................................... 733

User Roles...................................................................................................................................................................735

AAA Authentication and Authorization for Roles...............................................................................................738

Role Accounting.........................................................................................................................................................740

Display Information About User Roles...................................................................................................................741

Two Factor Authentication (2FA)...............................................................................................................................742

Handling Access-Challenge Message...................................................................................................................743

Configuring Challenge Response Authentication for SSHv2..........................................................................743

SMS-OTP Mechanism..............................................................................................................................................743

Configuring the System to Drop Certain ICMP Reply Messages........................................................................744

Dell EMC Networking OS Security Hardening......................................................................................................... 745

Dell EMC Networking OS Image Verification..................................................................................................... 745

Startup Configuration Verification........................................................................................................................ 746

Configuring the root User Password.................................................................................................................... 747

Locking Access to GRUB Interface...................................................................................................................... 748

Contents