Concept Guide

TACACS+ server host. This parameter must be the last parameter you congure.

To specify multiple TACACS+ server hosts, congure the tacacs-server host command multiple times. If you congure multiple

TACACS+ server hosts, Dell EMC Networking OS attempts to connect with them in the order in which they were congured.

To view the TACACS+ conguration, use the show running-config tacacs+ command in EXEC Privilege mode.

The AAA command authorization feature congures Dell EMC Networking OS to send each conguration command to a TACACS server

for authorization before it is added to the running conguration.

By default, the AAA authorization commands congure the system to check both EXEC mode and CONFIGURATION mode commands.

Use the no aaa authorization config-commands command to enable only EXEC mode command checking.

If rejected by the AAA server, the command is not added to the running cong, and a message displays:

Tiny and overlapping fragment attack is a class of attack where congured ACL entries — denying TCP port-specic trac — is bypassed

and trac is sent to its destination although denied by the ACL.

RFC 1858 and 3128 proposes a countermeasure to the problem. This countermeasure is congured into the line cards and enabled by

default.

Secure shell (SSH) is a protocol for secure remote login and other secure network services over an insecure network. Dell EMC Networking

OS is compatible with SSH versions 2, in both the client and server modes. SSH sessions are encrypted and use authentication. SSH is

enabled by default.

For details about the command syntax, refer to the Security chapter in the Dell EMC Networking OS Command Line Interface Reference

Guide.