Deployment Guide
• aes128-ctr
• aes192-ctr
• aes256-ctr
The default cipher list is in the given order: aes256-ctr, aes256-cbc, aes192-ctr, aes192-cbc, aes128-ctr, aes128-cbc, 3des-cbc.
Example of Conguring a Cipher List
The following example shows you how to congure a cipher list.
Dell(conf)#ip ssh cipher aes128-ctr aes128-cbc 3des-cbc
Telnet
To use Telnet with SSH, rst enable SSH, as previously described.
By default, the Telnet daemon is enabled. If you want to disable the Telnet daemon, use the following command, or disable Telnet in the
startup cong. To enable or disable the Telnet daemon, use the [no] ip telnet server enable command.
Example of Using Telnet for Remote Login
Dell(conf)#ip telnet server enable
Dell(conf)#no ip telnet server enable
VTY Line and Access-Class Conguration
Various methods are available to restrict VTY access in Dell Networking OS. These depend on which authentication scheme you use —
line, local, or remote.
Table 64. VTY Access
Authentication Method VTY access-class support? Username access-class
support?
Remote authorization support?
Line YES NO NO
Local NO YES NO
TACACS+ YES NO YES (with Dell Networking OS
version 5.2.1.0 and later)
RADIUS YES NO YES (with Dell Networking OS
version 6.1.1.0 and later)
Dell Networking OS provides several ways to congure access classes for VTY lines, including:
• VTY Line Local Authentication and Authorization
• VTY Line Remote Authentication and Authorization
VTY Line Local Authentication and Authorization
Dell Networking OS retrieves the access class from the local database.
To use this feature:
1 Create a username.
2 Enter a password.
3 Assign an access class.
4 Enter a privilege level.
714
Security