10: User Authentication
SecureLinx SLC User Guide
114
To configure the SLC to use RADIUS to authenticate users who log in via the Web,
SSH, Telnet, or the console port:
set radius state <enable|
disable
>
To identify the RADIUS server(s), the text secret, and the number of the TCP port
on the RADIUS server:
set radius server <1|2> host <IP Address or Hostname> secret
<Secret> [port <TCP Port>]
The default port is 1812.
To set the number of seconds after which the connection attempt times out:
set radius timeout <disable|1-30>
May be 1-30 seconds.
To set user group and permissions for RADIUS users:
set radius group <default|power|admin>
To set permissions for RADIUS users not already defined by the user rights group:
set radius permissions <Permission List>
where
<Permission List>
is one or more of
nt, sv, dt, lu, ra, sk, um, dp, pc,
rs, rc, dr, wb, sn, ad
To remove a permission, type a minus sign before the two-letter abbreviation for a user
right.
To set a default custom menu for RADIUS users:
set radius custommenu <Menu Name>
To view RADIUS settings:
show radius
Kerberos
Kerberos is a network authentication protocol that provides strong authentication for
client/server applications by using secret-key cryptography.
The system administrator can configure the SLC to use Kerberos to authenticate users
attempting to log in using the Web, Telnet, SSH, or the console port.
Users who are authenticated through Kerberos are granted device port access through
the port permissions on this page.
All Kerberos users are members of a group that has predefined user rights associated
with it. You can add additional user rights that are not defined by the group.
To configure the SLC to use Kerberos to authenticate users:
1. From the main menu, select
User Authentication - Kerberos
. The following page
displays.
