Sample configuration file on the AAA server
- Tracy Yang (Unlicensed)
Owned by Tracy Yang (Unlicensed)
Mar 03, 2023
1 min read
Loading data...
Here is a sample configuration file on the AAA server.
key = pica8
Accounting File
accounting file = /var/tmp/acctfile
default authentication = file /etc/passwdÂ
user = admin {
member = admins
}Â
group = admins {
global = cleartext "password"
service = exec {
default attribute = permit
}
}
user = operator {
global = cleartext "operator"
service = exec {
default attribute = permit
}
}
user = ychen {
global = cleartext "ychen"
member = admins
service = exec {
default attribute = permit
}
}
Add "/usr/share/freeradius/dictionary.pica8" to radius server before the configuration.
Radius server configuration:Â
operator Cleartext-Password := "testing"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 172.16.3.33,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP,
Class = "read-only"Â
ychen Cleartext-Password := "testing"
Service-Type = Framed-User,
Framed-Protocol = PPP,
Framed-IP-Address = 172.16.3.33,
Framed-IP-Netmask = 255.255.255.0,
Framed-Routing = Broadcast-Listen,
Framed-Filter-Id = "std.ppp",
Framed-MTU = 1500,
Framed-Compression = Van-Jacobsen-TCP-IP,
Class = "super-user"Â
Follow the configuration above, the admin or operator can access the switch via SSH.
Any valid CLI commands executed by the admin or operator will be recorded to the specified accounting file. In our example above, the accounting file is/var/tmp/acctfile.
Copyright © 2024 Pica8 Inc. All Rights Reserved.