Concept Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch S4048-ON

Support for Change of Authorization and Disconnect Messages packets....................................................... 881

TACACS+........................................................................................................................................................................892

Conguration Task List for TACACS+................................................................................................................... 892

TACACS+ Remote Authentication.........................................................................................................................894

Command Authorization.........................................................................................................................................895

Protection from TCP Tiny and Overlapping Fragment Attacks...............................................................................895

Enabling SCP and SSH................................................................................................................................................. 895

Using SCP with SSH to Copy a Software Image................................................................................................ 896

Removing the RSA Host Keys and Zeroizing Storage ........................................................................................897

Conguring When to Re-generate an SSH Key ..................................................................................................897

Conguring the SSH Server Key Exchange Algorithm....................................................................................... 898

Conguring the HMAC Algorithm for the SSH Server.......................................................................................898

Conguring the HMAC Algorithm for the SSH Client........................................................................................ 899

Conguring the SSH Server Cipher List...............................................................................................................900

Conguring the SSH Client Cipher List................................................................................................................ 900

Conguring DNS in the SSH Server...................................................................................................................... 901

Secure Shell Authentication....................................................................................................................................901

Troubleshooting SSH...............................................................................................................................................904

Telnet...............................................................................................................................................................................904

VTY Line and Access-Class Conguration................................................................................................................. 904

VTY Line Local Authentication and Authorization...............................................................................................904

VTY Line Remote Authentication and Authorization.......................................................................................... 905

VTY MAC-SA Filter Support.................................................................................................................................. 905

Role-Based Access Control..........................................................................................................................................906

Overview of RBAC.................................................................................................................................................. 906

User Roles................................................................................................................................................................ 909

AAA Authentication and Authorization for Roles................................................................................................. 912

Role Accounting....................................................................................................................................................... 915

Display Information About User Roles................................................................................................................... 915

Two Factor Authentication (2FA)................................................................................................................................. 917

Handling Access-Challenge Message.................................................................................................................... 917

Conguring Challenge Response Authentication for SSHv2.............................................................................. 917

SMS-OTP Mechanism.............................................................................................................................................918

Conguring the System to Drop Certain ICMP Reply Messages.............................................................................918

Dell EMC Networking OS Security Hardening...........................................................................................................920

Dell EMC Networking OS Image Verication.......................................................................................................920

Startup Conguration Verication..........................................................................................................................921

Conguring the root User Password.....................................................................................................................922

Locking Access to GRUB Interface....................................................................................................................... 923

Enabling User Lockout for Failed Login Attempts................................................................................................923

51 Service Provider Bridging......................................................................................................................... 924

VLAN Stacking...............................................................................................................................................................924

Important Points to Remember............................................................................................................................. 925

Congure VLAN Stacking.......................................................................................................................................925

Creating Access and Trunk Ports.......................................................................................................................... 926

Contents