AT-WR4500 Series - IEEE 802.11abgh Outdoor Wireless Routers
149
RouterOS v3 Configuration and User Guide
use-radius
(yes | no; default:
no
) - specifies whether a user database on a RADIUS server should be
consulted
The RADIUS user database is queried only if the required username is not found in the local user
database
Example
To enable RADIUS AAA, enter the following command:
[admin@AT-WR4562] user aaa> set use-radius=yes
[admin@AT-WR4562] user aaa> print
use-radius: yes
accounting: yes
interim-update: 0s
default-group: read
[admin@AT-WR4562] user aaa>
7.3.6
SSH keys
Submenu level:
/user ssh-keys
Description
Remote users may be allowed to log in without using password authentication and even ever entering
their password, but by using pregenerated DSA openssh SSH keys instead. Note that if you use puttygen,
convert generated keys to right type.
Property Description
key-owner
(
read-only: text
) - emote user, as specified in the key file
user
(
name
) - the user that is allowed to log in using this key (must exist in the user list)
Command Description
import
- import the uploaded DSA key
user
- the user the imported key is linked to
file
- filename of the DSA key to import
Example
Generating key on a linux machine:
sh-3.00$ ssh-keygen -t dsa -f ./id_dsa
Generating public/private dsa key pair.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in ./id_dsa.
Your public key has been saved in ./id_dsa.pub.
The key fingerprint is:
91:d7:08:be:b6:a1:67:5e:81:02:cb:4d:47:d6:a0:3b admin-ssh@test
Importing the generated (ang uploaded) key:
[admin@AT-WR4562] user ssh-keys> print
# USER KEY-OWNER
[admin@AT-WR4562] user ssh-keys> import file=id_dsa.pub user=admin-ssh
[admin@AT-WR4562] user ssh-keys> print
# USER KEY-OWNER
0 admin-ssh admin-ssh@test
[admin@AT-WR4562] user ssh-keys>