Configuring Username and Password Security
Saving Security Credentials in a Config File
TACACS+ server application. (The encryption key is sometimes referred to as
“shared secret” or “secret” key.) For more information, see “TACACS+
Authentication” on page 4-1 in this guide.
TACACS+ shared secret (encryption) keys can be saved in a configuration file
by entering this command:
ProCurve(config)# tacacs-server key <keystring>
The option <keystring> is the encryption key (in clear text) used for secure
communication with all or a specific TACACS+ server.
RADIUS Shared-Secret Key Authentication
You can use RADIUS servers as the primary authentication method for users
who request access to a switch through Telnet, SSH, Web interface, console,
or port-access (802.1X). The shared secret key is a text string used to encrypt
data in RADIUS packets transmitted between a switch and a RADIUS server
during authentication sessions. Both the switch and the server have a copy of
the key; the key is never transmitted across the network. For more
information, refer to “3. Configure the Switch To Access a RADIUS Server” on
page 5-15 in this guide.
RADIUS shared secret (encryption) keys can be saved in a configuration file
by entering this command:
ProCurve(config)# radius-server key <keystring>
The option <keystring> is the encryption key (in clear text) used for secure
communication with all or a specific RADIUS server.
SSH Client Public-Key Authentication
Secure Shell version 2 (SSHv2) is used by ProCurve switches to provide
remote access to SSH-enabled management stations. Although SSH provides
Telnet-like functions, unlike Telnet, SSH provides encrypted, two-way
authenticated transactions. SSH client public-key authentication is one of the
types of authentication used.
Client public-key authentication uses one or more public keys (from clients)
that must be stored on the switch. Only a client with a private key that matches
a public key stored on the switch can gain access at the manager or operator
level. For more information about how to configure and use SSH public keys
to authenticate SSH clients that try to connect to the switch, refer to
“Configuring Secure Shell (SSH)” on page 7-1 in this guide.
2-16
To Next Page
Loading...
Need help?
General