HP Mellanox SX1018 Mellanox MLNX-OS User Manual for SX1018HP Ethernet Managed - Page 49
Diagnostics, User Management and Security
View all HP Mellanox SX1018 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 49 highlights
4.6 Diagnostics Rev 1.6.2 4.6.1 Retrieving Return Codes when Executing Remote CLI Commands through SSH To stop the CLI and set the system to send return errors if some commands fail, perform the following: Step 1. Connect to the system from the host SSH. Step 2. Add the -h parameter after the cli (as shown in the example below) to notify the system to halt on failure and pass through the exit code. ssh @ cli -h '"enable" "show interfaces brief"' 4.7 User Management and Security 4.7.1 Authentication, Authorization and Accounting (AAA) AAA is a term describing a framework for intelligently controlling access to computer resources, enforcing policies, auditing usage, and providing the information necessary to bill for services. These combined processes are considered important for effective network management and security. The AAA feature allows you to verify the identity of, grant access to, and track the actions of users managing the MLNX-OS switch. The MLNX-OS switch supports Remote Access Dial-In User Service (RADIUS) or Terminal Access Controller Access Control device Plus (TACACS+) protocols. • Authentication - authentication provides the initial method of identifying each individual user, typically by entering a valid username and password before access is granted. The AAA server compares a user's authentication credentials with the user credentials stored in a database. If the credentials match, the user is granted access to the network or devices. If the credentials do not match, authentication fails and network access is denied. • Authorization - following the authentication, a user must gain authorization for performing certain tasks. After logging into a system, for instance, the user may try to issue commands. The authorization process determines whether the user has the authority to issue such commands. Simply put, authorization is the process of enforcing policies: determining what types or qualities of activities, resources, or services a user is permitted. Usually, authorization occurs within the context of authentication. Once you have authenticated a user, they may be authorized for different types of access or activity. • Accounting - the last level is accounting, which measures the resources a user consumes during access. This includes the amount of system time or the amount of data a user has sent and/or received during a session. Accounting is carried out by logging of session statistics and usage information, and is used for authorization control, billing, trend analysis, resource utilization, and capacity planning activities. Authentication, authorization, and accounting services are often provided by a dedicated AAA server, a program that performs these functions. Network access servers interface with AAA servers using the Remote Authentication Dial-In User Service (RADIUS) protocol. For information on the AAA commands, please refer to Mellanox MLNX-OS Command Reference Guide. Mellanox Technologies 49