Manualshelf

Concept Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048T-ON
851852853854855856857858859860
Example:
DellEMC(config)#aaa authentication login vty_auth_list radius
Force all logged-in users to re-authenticate (y/n)?
3 You are prompted to force the users to re-authenticate whenever there is a change in the RADIUS server list..
CONFIGURATION mode
radius-server host IP Address
Example:
DellEMC(config)#radius-server host 192.100.0.12
Force all logged-in users to re-authenticate (y/n)?
DellEMC(config)#no radius-server host 192.100.0.12
Force all logged-in users to re-authenticate (y/n)?
Obscuring Passwords and Keys
By default, the service password-encryption command stores encrypted passwords. For greater security, you can also use the
service obscure-passwords command to prevent a user from reading the passwords and keys, including RADIUS, TACACS+ keys,
router authentication strings, VRRP authentication by obscuring this information. Passwords and keys are stored encrypted in the
conguration le and by default are displayed in the encrypted form when the conguration is displayed. Enabling the
service
obscure-passwords
command displays asterisks instead of the encrypted passwords and keys. This command prevents a user from
reading these passwords and keys by obscuring this information with asterisks.
Password obscuring masks the password and keys for display only but does not change the contents of the le. The string of asterisks is
the same length as the encrypted string for that line of conguration. To verify that you have successfully obscured passwords and keys,
use the show running-config command or show startup-config command.
If you are using role-based access control (RBAC), only the system administrator and security administrator roles can enable the service
obscure-password command.
To enable the obscuring of passwords and keys, use the following command.
Turn on the obscuring of passwords and keys in the conguration.
CONFIGURATION mode
service obscure-passwords
Example of Obscuring Password and Keys
DellEMC(config)# service obscure-passwords
AAA Authorization
Dell EMC Networking OS enables AAA new-model by default.
You can set authorization to be either local or remote. Dierent combinations of authentication and authorization yield dierent results.
By default, Dell EMC Networking OS sets both to
local.
Security
859