ip ssh server
This command enables the server to manage the device with access via SSH protocol.
The use of the negative form (no) of the command disables the server to manage the device with access via SSH protocol.
Syntax
[no] ip ssh server
Parameters
The command contains no arguments.
Command mode
CONFIG
Example
ma4000(config)# ip ssh server
ip telnet port
This command specifies the port for the Telnet server.
The use of a negative form (no) of the command sets the default value.
Syntax
ip telnet port <PORT>
no ip telnet port
Parameters
<PORT> – port number, takes values of [1..65535].
Default value
23
Command mode
CONFIG
Example
ma4000(config)# ip telnet port 24
ip telnet server
This command enables the server to manage the device with access via Telnet protocol.
The use of a negative form (no) of the command disables Telnet server.
Syntax
[no] ip telnet server
Parameters
The command contains no arguments.
Command mode
CONFIG
Example
ma4000(config)# ip telnet server
show ip ssh
This command allows to view information about the state of the SSH-server (allowed/denied).
Syntax
show ip ssh
Parameters
The command contains no arguments.
Command mode
ROOT
Example
ma4000# show ip ssh SSH server state: enabled
show ip telnet
This command allows to view information about the status of the Telnet server and the port number from which the Telnet connection is available.
Syntax
show ip telnet
Parameters
The command contains no arguments.
Command mode
ROOT
Example
ma4000# show ip telnet Telnet server state: enabled port : 23
aaa authentication login
This command sets the authentication method for logging in. The created lists can be used to specify an authentication method different from the default authentication method for a certain type of connection (console, telnet, ssh).
In order for users authenticated through the TACACS+/RADIUS server to be able to edit the system configuration, a local user named 'remote' must be given the appropriate rights.
The use of the negative form (no) of the command enables local authentication.
Syntax
[no] aaa authentication login default <METHODS>
[no] aaa authentication login list <LIST NAME> <METHODS>
Parameters
<METHODS> – authentication methods list, which may contain one or more of following values:
- tacacs+ – use TACACS+ server for authentication;
- radius – use RADIUS server for authentication.
<LISTNAME> – authentication list name.
Default value
local
Command mode
CONFIG
Example
ma4000(config)# aaa authentication login default tacacs+ local
line
This command is used to enter the configuration mode of a certain type of connection.
Syntax
line <TYPE>
Parameters
<TYPE> – connection type, may take one of the following values:
- console – connection via console;
- telnet – connection via Telnet;
- ssh – connection via SSH.
Command mode
CONFIG
Example
ma4000(config)# line console ma4000(pp4x-config-line-console)#
login authentication
This command sets the authentication method to log in for a specific type of connection (console, telnet, ssh).
The use of a negative form (no) of the command sets the default value.
Syntax
[no] login authentication <NAME>
Parameters
<NAME> – authentication methods list name. Takes the 'default' value and the names of the lists created by the user.
Default value
default
list
Command mode
CONFIGURE LINE
Example
ma4000(pp4x-config-line-console)# login authentication mylist
enable authentication
This command sets the authentication method to obtain privileged access for a specific type of connection (console, telnet, ssh).
The use of a negative form (no) of the command sets the default value.
Syntax
[no] enable authentication <NAME>
Parameters
<NAME> – authentication methods list name. Takes the 'default' value and the names of the lists created by the user.
Default value
default
list
Command mode
CONFIGURE LINE
Example
ma4000(pp4x-config-line-console)# enable authentication enable list
tacacs-server timeout
This command sets the default time to wait for a response from the TACACS+ server.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] tacacs-server timeout <TIMEOUT>
Parameters
<TIMEOUT> – TACACS+ server response waiting time, may take values [1..30] seconds.
Default value
5 seconds
Command mode
CONFIG
Example
ma4000(config)# tacacs-server timeout 10
tacacs-server key
This command sets the default key for authentication and encryption of data between the device and the TACACS+ server.
The use of a negative form (no) of the command removes the default key.
Syntax
[no] tacacs-server key <KEY>
Parameters
<KEY> – authentication key, contain [1..64] characters.
Command mode
CONFIG
Example
ma4000(config)# tacacs-server key 12345
tacacs-server encrypted key
This command sets the default key for authentication and encryption of data between the device and the TACACS+ server in encrypted state.
The use of a negative form (no) of the command removes the default key.
Syntax
[no] tacacs-server encrypted key <KEY>
Parameters
<KEY> – authentication key, contain [1..128] characters.
Command mode
CONFIG
Example
ma4000(config)# tacacs-server encrypted key 98C7D37909
tacacs-server host
This command adds the specified server to the list of used TACACS+ servers and moves to the configuration mode of a certain TACACS+ server.
The use of a negative form (no) of the command removes server.
Syntax
[no] tacacs-server host <IP>
Parameters
<IP> – IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
In the server configuration mode, the following parameters can also be set:
- timeout – server response waiting time, may take values [1..30] seconds;
- port-number – number of port to exchange data with a server, takes values of [1..65535];
- key – key for authentication and encryption of data between the device and the TACACS+ server, the key contains [1...64] characters;
- encrypted key – key for authentication and encryption of data between the device and the TACACS+ server in encrypted form, the key contains [1...128] characters;
- priority – remote server priority, takes values in the range of [0-65535].
Command mode
CONFIG
Example
ma4000(config)# tacacs-server host 10.10.10.10 ma4000(pp4x-config-tacacs)# key 123 ma4000(pp4x-config-tacacs)# timeout 12 ma4000(pp4x-config-tacacs)# priority 0 ma4000(pp4x-config-tacacs)# port-number 3000
radius-server timeout
This command sets the default time to wait for a response from the RADIUS server.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] radius-server timeout <TIMEOUT>
Parameters
<TIMEOUT> – RADIUS server response waiting time, may take values [1..30] seconds.
Default value
5 seconds
Command mode
CONFIG
Example
ma4000(config)# radius-server timeout 10
radius-server key
This command sets the default key for authentication and encryption of data between the device and the RADIUS server.
The use of a negative form (no) of the command removes the default key.
Syntax
[no] radius-server key <KEY>
Parameters
<KEY> – authentication key, contain [1..64] characters.
Command mode
CONFIG
Example
ma4000(config)# radius-server key 12345
radius-server encrypted key
This command sets the default key for authentication and encryption of data between the device and the RADIUS server in encrypted state.
The use of a negative form (no) of the command removes the default key.
Syntax
[no] radius-server encrypted key <KEY>
Parameters
<KEY> – authentication key, contain [1..128] characters.
Command mode
CONFIG
Example
ma4000(config)# radius-server encrypted key 98C7D37909
radius-server host
This command adds the specified server to the list of used RADIUS servers and moves to the configuration mode of a certain RADIUS server.
The use of a negative form (no) of the command removes server.
Syntax
[no] radius-server host <IP>
Parameters
<IP> – IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
In the server configuration mode, the following parameters can also be set:
- timeout – server response waiting time, may take values [1..30] seconds;
- port-number – number of port to exchange data with a server, takes values of [1..65535];
- key – key for authentication and encryption of data between the device and the RADIUS server, the key contains [1...64] characters;
- encrypted key – key for authentication and encryption of data between the device and the RADIUS server in encrypted form, the key contains [1...128] characters;
- priority – remote server priority, takes values in the range of [0-65535].
Command mode
CONFIG
Example
ma4000(config)# radius-server host 10.10.10.10 ma4000(pp4x-config-radius)# key 123 ma4000(pp4x-config-radius)# timeout 12 ma4000(pp4x-config-radius)# priority 0 ma4000(pp4x-config-radius)# port-number 3000
aaa accounting commands tacacs+
This command enables keeping records of the commands entered by the user.
The use of a negative form (no) of the command sets the default value. By default is disabled.
Syntax
[no] aaa accounting commands tacacs+
Parameters
The command contains no arguments.
Command mode
CONFIG
Example
ma4000(config)# aaa accounting commands tacacs+
aaa accounting start-stop tacacs+
This command enables logging in/out of the system.
The use of a negative form (no) of the command sets the default value.
Syntax
[no] aaa accounting start-stop tacacs+
Parameters
The command contains no arguments.
Default value
accounting disabled
Command mode
CONFIG
Example
ma4000(config)# aaa accounting start-stop tacacs+
show authentication methods
This command allows to view the authentication methods selected in the system.
Syntax
show authentication methods
Parameters
The command contains no arguments.
Command mode
ROOT
Example
ma4000# show authentication methods Login Authentication Method Lists ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Name Methods -------------------------------- ------------------------------ default local Lines Authentication Method Lists ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Line Login Method List Enable Method List ---------- -------------------------------- -------------------------------- console default default telnet default default ssh default default
show tacacs
This command is used to view the list of TACACS+ servers.
Syntax
show tacacs
Parameters
The command contains no arguments.
Command mode
ROOT
Example
ma4000# show tacacs Global Values: Timeout 5 sec TACACS Configuration ~~~~~~~~~~~~~~~~~~~~ IP address Port Timeout Priority --------------- ----- ------- -------- 10.10.10.10 49 0 0
show accounting
This command allows to view the accounting settings.
Syntax
show accounting
Parameters
The command contains no arguments.
Command mode
ROOT
Example
ma4000# show accounting Login start-stop: Disable Commands: Disable