12: User Authentication
SLC™ 8000 Advanced Console Manager User Guide 268
Encrypt Messages Select Start TLS or SSL to encrypt messages between the SLC unit and the LDAP
server. If Start TLS is selected, the port will automatically be set to 389 and the
StartTLS extension will be used to initiate a secure connection; if SSL is selected,
the port will automatically be set to 636 and a SSL tunnel will be used for LDAP
communication. The port number can be changed to a non-standard LDAP port; if
the port number is set to anything other than 636, Start TLS will be used as the
encryption method. Disabled by default.
Certificate Authority A certificate can be uploaded to the SLC unit for peer authentication. In non-FIPS
mode, the uploaded certificate may contain a Certificate Authority file, a Certificate
file (with an optional Key file), or both. A Key file alone is not a valid certificate. In
FIPS mode, all 3 files (CA, certificate and key) are required. The Certificate
Authority and Certificate File are in PEM format, for instance:
-----BEGIN CERTIFICATE-----
(certificate in base64 encoding)
-----END CERTIFICATE-----
The Key File is in PEM format, eg:
-----BEGIN RSA PRIVATE KEY-----
(private key in base64 encoding)
-----END RSA PRIVATE KEY-----
Certificate File
Key File
Custom Menu If custom menus have been created, you can assign a default custom menu to
LDAP users. (See “Custom Menus” on page 290.)
Escape Sequence A single character or a two-character sequence that causes the SLC 8000
advanced console manager to leave direct (interactive) mode. (To leave listen
mode, press any key.)
A suggested value is Esc+A (escape key, then uppercase "A" performed quickly
but not simultaneously). You would specify this value as \x1bA, which is
hexadecimal (\x) character 27 (1B) followed by an A.
This setting allows the user to terminate the
connect direct command on the
command line interface when the endpoint of the command is deviceport, tcp, or
udp.
See Key Sequences on page 230 for notes on key sequence precedence and
behavior.
Break Sequence A series of 1-10 characters users can enter on the command line interface to send
a break signal to the external device. A suggested value is Esc+B (escape key,
then uppercase “B” performed quickly but not simultaneously). You would specify
this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B.
Enable for Dial-back Select to grant a user dial-back access. Users with dial-back access can dial into
the SLC unit and enter their login and password. Once the SLC 8000 advanced
console manager authenticates them, the modem hangs up and dials them back.
Disabled by default.
Dial-back Number The phone number the modem dials back on depends on this setting for the device
port. The user is either dialed back on a fixed number, or on a number that is
associated with the user’s login (specified here).
Data Ports
The ports users are able to monitor and interact with using the
connect
direct
command. U1 and U2 denote the USB upper and lower ports on the front
of the SLC unit.
Listen Ports
The ports users are able to monitor using the
connect listen command.
Clear Port Buffers
The ports whose port buffer users may clear using the
set locallog clear
command.
To Next Page
Loading...
Need help?
General
