API Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S3048-ON

Configuration:

OS10(config)# aaa authentication login {console | default} local

OS10(config)# exit

OS10# write memory

● console—Configure authentication methods for console logins.

● default—Configure authentication methods for SSH and Telnet logins.

● local—Use the local username, password, and role entries configured with the username password role command.

Enable AAA login authentication with a fallback option

Rationale: Configuring AAA authentication with a fallback option provides resiliency while authentication. If one method fails,

the system uses the other method of authentication.

Configuration:

OS10(config)# aaa authentication login {console | default} {local | group radius | group

tacacs+}

OS10(config)# exit

OS10# write memory

● console—Configure authentication methods for console logins.

● default—Configure authentication methods for SSH and Telnet logins.

● local—Use the local username, password, and role entries configured with the username password role command.

● group radius—Use the RADIUS servers configured with the radius-server host command.

● group tacacs+—Use the TACACS+ servers configured with the tacacs-server host command.

The authentication methods in the method list work in the order they are configured.

Enable AAA accounting for commands

Rationale: AAA accounting for commands records login and command information about console connections and remote

connections, such as Telnet and SSH.

Configuration:

OS10(config)# aaa accounting commands all {console | default} {start-stop | stop-only |

none} [logging] [group tacacs+]

OS10(config)# exit

OS10# write memory

● commands all—Record all user-entered commands. RADIUS accounting does not support this option.

● console—Record all user authentication and logins or all user-entered commands in OS10 sessions on console connections.

● default—Record all user authentication and logins or all user-entered commands in OS10 sessions on remote connections;

for example, Telnet and SSH.

● start-stop—Send a start notice when a process begins, and a stop notice when the process ends.

● stop-only—Send only a stop notice when a process ends.

● none—No accounting notices are sent.

● logging—Logs all accounting notices in syslog.

● group tacacs+—Logs all accounting notices on the first reachable TACACS+ server.

Enable AAA accounting for authentication events

Rationale: AAA accounting for authentication events records login and command information about console connections and

remote connections, such as Telnet and SSH.

Configuration:

OS10(config)# aaa accounting exec {console | default} {start-stop | stop-only | none}

[logging] [group tacacs+]

OS10(config)# exit

OS10# write memory

● console—Record all user authentication and logins or all user-entered commands in OS10 sessions on console connections.

● default—Record all user authentication and logins or all user-entered commands in OS10 sessions on remote connections;

for example, Telnet and SSH.

● start-stop—Send a start notice when a process begins, and a stop notice when the process ends.

OS10 security best practices