Radius authentication, Secure shell (ssh), Radius authentication 39 – Intel BLADE SERVER IXM5414E Manuale d'uso

Switch Management and Operating Concepts

39

✏

NOTE

The switch module’s Authenticator supports only the EAP-MD5 authentication type for local
authentication.

RADIUS authentication

When Remote Authentication Dial-In User Service (RADIUS) authentication is used, the
authenticator basically becomes a pass through to facilitate communication between the supplicant
and the RADIUS server. The authenticator encapsulates the EAP messages exchanged between the
supplicant and the server in either EAPoL or RADIUS frames (depending on the direction of the
frame). The authenticator determines the authorization status of the port based on RADIUS Access-
Accept or Access-Reject frames. The authenticator switch also needs to send and process all
appropriate RADIUS attributes.

Secure Shell (SSH)

Interactive login is widely used as a means to control and/or configure an entity across a network.
For decades the Telnet protocol, and its cousin rlogin, have provided this capability. However, these
protocols permit the transmission of sensitive information over unprotected networks. The current
standard for providing interactive login in a secure fashion is the Secure SHell (SSH).

Table 2. Secure Shell Feature Details

SSH Feature

Component Type

Connection Type

Interactive Login

Authentication Method

Password

Ciphers

•

3DES-CBC

•

Blowfish-CBC

•

Twofish128-CBC

•

AES128-CBC

Hash Algorithms

•

MD5

•

SHA-1

•

SHA-1-96

Key Exchange Methods

Diffie-Hellman

Compression Algorithms

•

zlib

•

none (i.e. no compression)

Public Key Algorithms

•

SSH-DSA

•

SSH-RSA

SSH Protocol Versions

•

SSH 2.0

•

SSH 1.5