
Re: [RADIUS] Switch administration using SSH

 
Innoiris7
Occasional Visitor

[RADIUS] Switch administration using SSH

Hi,

I want to use LDAP accounts to administrate switches (3COM and H3C).

It works fine when I use telnet.

I just need to push the RADIUS attribute Login-Service (ID 15) with the Telnet value (ID 0).

Now, I want to use SSH (for security reasons).

RADIUS has to push the RADIUS attribute Login-Service (ID 15) with the SSH value (ID 50).

The SSH value doesn't exist in the RADIUS IETF dictionary for the Login-Service attribute.

I can't create the SSH value because this dictionary is protected on Cisco ACS. (The dictionary is based on the RADIUS RFC http://tools.ietf.org/html/rfc2865#section-5.15, and the SSH value doesn't exist.)

Can we use another RADIUS attribute?

Thanks,

Patrick

2 REPLIES
Edu_b0
New Member

Re: [RADIUS] Switch administration using SSH

Hi,

Use:

attribute 15 check-mode loose

in your radius scheme.

 

Best regards.

 

Edwin

rey64
Occasional Visitor

Re: [RADIUS] Switch administration using SSH

Hi,

Try "Login-Service == 50".
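
Added example, not part of any post in this thread: a small Python decoder for checking which Login-Service value a RADIUS server actually returns in an Access-Accept, and whether that value is defined in RFC 2865 section 5.15. The function names and the sample packets are constructed for illustration; value 50 is the SSH value named in the question, and the response authenticator is zeroed and not verified.

```python
import struct

# Login-Service values defined in RFC 2865 section 5.15.
RFC2865_LOGIN_SERVICE = {0: "Telnet", 1: "Rlogin", 2: "TCP Clear", 3: "PortMaster",
                         4: "LAT", 5: "X25-PAD", 6: "X25-T3POS", 8: "TCP Clear Quiet"}
LOGIN_SERVICE = 15   # attribute type
ACCESS_ACCEPT = 2    # RADIUS packet code


def build_access_accept(identifier, login_service_value):
    """Constructed sample: Access-Accept carrying one Login-Service attribute.
    The 16-byte authenticator is zeroed because this sketch does not verify it."""
    attr = struct.pack("!BBI", LOGIN_SERVICE, 6, login_service_value)
    header = struct.pack("!BBH16s", ACCESS_ACCEPT, identifier, 20 + len(attr), bytes(16))
    return header + attr


def iter_attributes(packet):
    """Yield (type, value_bytes) for each attribute, rejecting malformed lengths."""
    if len(packet) < 20:
        raise ValueError("shorter than the 20-byte RADIUS header")
    _code, _ident, length = struct.unpack("!BBH", packet[:4])
    if length < 20 or length > len(packet):
        raise ValueError("bad packet length field")
    pos = 20
    while pos < length:
        if pos + 2 > length:
            raise ValueError("truncated attribute header")
        atype, alen = packet[pos], packet[pos + 1]
        if alen < 2 or pos + alen > length:
            raise ValueError("bad attribute length")
        yield atype, packet[pos + 2:pos + alen]
        pos += alen


def login_service(packet):
    """Return (value, name); name is None when the value is outside RFC 2865."""
    for atype, value in iter_attributes(packet):
        if atype == LOGIN_SERVICE:
            if len(value) != 4:
                raise ValueError("Login-Service must be a 4-byte integer")
            number = struct.unpack("!I", value)[0]
            return number, RFC2865_LOGIN_SERVICE.get(number)
    return None


if __name__ == "__main__":
    for sample in (0, 50):  # the two values discussed in the thread
        print(sample, login_service(build_access_accept(1, sample)))
```

On the wire the attribute is six bytes (type 15, length 6, 32-bit value), so value 50 appears as `0f 06 00 00 00 32` in a packet capture.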