5-23
Authentication
Configuring on the Switch
To delete a per-server encryption key in the switch, re-enter the tacacs-server
host command without the key parameter. For example, if you have
north01
configured as the encryption key for a server with an IP address of
10.28.227.104 and you want to eliminate the key, you would use this command:
HP Switch
(config)# tacacs-server host 10.28.227.104
N o t e
You can save the encryption key in a configuration file by entering this
command:
HP Switch(config)# tacacs-server key <keystring>
The <
keystring
> parameter is the encryption key in clear text.
N o t e
The
show tacacs
command lists the global encryption key, if configured.
However, to view any configured per-server encryption keys, you must use
show config
or
show config running
(if you have made configuration
changes without executing
write mem
).
Configuring the Timeout Period.
The timeout period specifies how long
the switch waits for a response to an authentication request from a
server before either sending a new request to the next server in the switch’s
Server IP Address list or using the local authentication option. For example,
to change the timeout period from 5 seconds (the default) to 3 seconds:
HP Switch
(config)# tacacs-server timeout 3
Summary of Contents for E3800 Series
Page 2: ......
Page 3: ...HP Networking E3800 Switches Access Security Guide September 2011 KA 15 03 ...
Page 30: ...xxviii ...
Page 86: ...2 36 Configuring Username and Password Security Password Recovery ...
Page 186: ...4 72 Web and MAC Authentication Client Status ...
Page 364: ...8 32 Configuring Secure Shell SSH Messages Related to SSH Operation ...
Page 510: ...10 130 IPv4 Access Control Lists ACLs General ACL Operating Notes ...
Page 548: ...11 38 Configuring Advanced Threat Protection Using the Instrumentation Monitor ...
Page 572: ...12 24 Traffic Security Filters and Monitors Configuring Traffic Security Filters ...
Page 730: ...20 Index ...
Page 731: ......