| |
|
|
Authentication, Authorization, and Accounting (AAA) includes three distinct services:
Authentication is a basic security mechanism to authenticate users to a system. Authorization allows a range of users to be on a network, each having explicitly configured access. Accounting is used for billing and for tracking the activities of users.
Terminal Access Controller Access Control System (TACACS+) is a secure authentication protocol. The Avici router TACACS+ client communicates with a third party TACACS+ server to provide AAA services.
Secure Shell (SSH) Remote Login Protocol is used to protect systems from IP, routing or DNS spoofing, provide a secure method of authentication, and redirect arbitrary TCP/IP ports over an encrypted channel. SSH enables a SSH client to make a secure connection to the Avici router.
When you enable SSH on the server, the entire system is placed in a secure mode. All unencrypted sessions are rejected unless explicitly permitted. The only connections allowed when SSH is enabled are SSH sessions and sessions with a directly connected console. Use the commands in this chapter to:
- Enable/disable AAA services
- Configure up to five systems as TACACS+ servers
- Configure the policy for selecting a server
- Display the AAA configuration and AAA servers
- Enable/disable SSH
- Display SSH sessions
| |
|
|
Copyright © 2005
Avici Systems Inc.
Avici® and TSR®
is a registered trademark of Avici Systems Inc.
IPriori™, Composite Links™, SSR™, QSR, and NSR® are
trademarks of Avici Systems Inc.
Source
File Name: AAA%20commands.fm
HTML File Name: AAA%20commands.html
Last Updated: 02/25/05 at 14:30:26