Users Guide
Configuring Smart Card Authentication 165
Configuring Smart Card
Authentication
The iDRAC6 supports the Two-factor-authentication (TFA) feature by
enabling Smart Card Logon.
The traditional authentication schemes use user name and password to
authenticate users. This provides minimal security.
TFA, on the other hand, provides a higher-level of security by making the
users provide two factors of authentication - what you have and what you
know - what you have is the Smart Card, a physical device, and what you
know - a secret code like a password or PIN.
The two-factor authentication requires users to verify their identities by
providing both factors.
Configuring Smart Card Login in iDRAC6
To enable the iDRAC6 Smart Card logon feature from the Web-based
interface, go to Remote Access→ Configuration→ Smart Card and select
Enable.
If you:
•Enable
or
Enable with Remote Racadm
, you are prompted for a Smart
Card logon during any subsequent logon attempts using the
Web-based
interface
.
When you select
Enable
, all command line interface (CLI) out-of-band
interfaces, such as telnet, SSH, serial, remote RACADM, and IPMI over
LAN, are disabled because these services support only single-factor
authentication.
When you select
Enable with Remote Racadm
, all CLI out-of-band
interfaces, except remote RACADM, are disabled.