Sample configuration file on the AAA server
Here is a sample configuration file on the AAA server.
key = pica8 Accounting File accounting file = /var/tmp/acctfile default authentication = file /etc/passwd user = admin { member = admins } group = admins { global = cleartext "password" service = exec { default attribute = permit } } user = operator { global = cleartext "operator" service = exec { default attribute = permit } } user = ychen { global = cleartext "ychen" member = admins service = exec { default attribute = permit } } Add "/usr/share/freeradius/dictionary.pica8" to radius server before the configuration. Radius server configuration: operator Cleartext-Password := "testing" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 172.16.3.33, Framed-IP-Netmask = 255.255.255.0, Framed-Routing = Broadcast-Listen, Framed-Filter-Id = "std.ppp", Framed-MTU = 1500, Framed-Compression = Van-Jacobsen-TCP-IP, Class = "read-only" ychen Cleartext-Password := "testing" Service-Type = Framed-User, Framed-Protocol = PPP, Framed-IP-Address = 172.16.3.33, Framed-IP-Netmask = 255.255.255.0, Framed-Routing = Broadcast-Listen, Framed-Filter-Id = "std.ppp", Framed-MTU = 1500, Framed-Compression = Van-Jacobsen-TCP-IP, Class = "super-user"Â
Follow the configuration above, the admin or operator can access the switch via SSH.
Any valid CLI commands executed by the admin or operator will be recorded to the specified accounting file. In our example above, the accounting file is/var/tmp/acctfile.
Copyright © 2024 Pica8 Inc. All Rights Reserved.