[ Pobierz całość w formacie PDF ]
.cCN.YoU.okKRelated Commandskerberos srvtab remotekey config-key[12.4.8] kerberos srvtab remoteUse the kerberos srvtab remote configuration command to retrieve a krb5 SRVTABfile from the specified host.kerberos srvtab remote {hostname | ip-address} {filename}Syntax Descriptionhostname Machine with the Kerberos SRVTAB file.ip-address IP address of the machine with the Kerberos SRVTAB file.filename Name of the SRVTAB file.Command ModeConfigurationUsage GuidelinesThis command first appeared in Cisco IOS Release 11.2.When you use the kerberos srvtab remote command to copy the SRVTAB file fromthe remote host (generally the KDC), it parses the information in this file andstores it in the router's running configuration in the kerberos srvtab entryformat.The key for each SRVTAB entry is encrypted with the private DataEncryption Standard (DES) key if one is defined on the router.To ensure thatthe SRVTAB is available (that is, that it does not need to be acquired from theKDC) when you reboot the router, use the write memory configuration command towrite the router's running configuration to NVRAM.ExampleThe command in the following example copies the SRVTAB file residing onbucket.cisco.com to a router named scooter.cisco.com:kerberos srvtab remote bucket.cisco.com scooter.cisco.com-new-srvtabRelated Commandskerberos srvtab entrykey config-key[12.4.9] key config-keyUse the key config-key global configuration command to define a private DES keyfor the router.Use the no form of this command to delete a private DataEncryption Standard (DES) key for the router.key config-key 1 stringSyntax Descriptionstring Private DES key (can be up to 8 alphanumeric characters).DefaultNo DES-key defined.Command ModeGlobal configuration.Usage GuidelinesThis command first appeared in Cisco IOS Release 11.2.This command defines for the router a private DES key that will not show up inthe router configuration.This private DES key can be used to DES-encryptcertain parts of the router's configuration.Caution The private DES key is unrecoverable.If you encrypt part of yourconfiguration with the private DES key and lose or forget the key, you will notbe able to recover the encrypted data.ExampleThe command in the following example sets bubba as the private DES key on therouter:key config-key 1 bubbaRelated Commandskerberos srvtab entrykerberos srvtab remote[12.5.0] login tacacsTo configure your router to use TACACS user authentication, use the logintacacs line configuration command.Use the no form of this command to disableTACACS user authentication for a line.login tacacsno login tacacsSyntax DescriptionThis command has no arguments or keywords.DefaultDisabledCommand ModeLine configurationUsage GuidelinesThis command first appeared in Cisco IOS Release 10.You can use TACACS security if you have configured a TACACS server and you havea command control language (CCL) script that allows you to use TACACS security.For information about using files provided by Cisco Systems to modify CCLscripts to support TACACS user authentication, refer to the "ConfiguringAppleTalk Remote Access" chapter in the Access Services Configuration Guide.Note This command cannot be used with AAA/TACACS+.Use the login authenticationcommand instead.ExampleIn the following example, lines 1 through 16 are configured for TACACS userauthentication:line 1 16login tacacs[12.5.1] nasi authenticationTo enable TACACS+ authentication for NetWare Asynchronous Services Interface(NASI) clients connecting to a router, use the nasi authentication lineconfiguration command.Use the no form of the command to return to the default,as specified by the aaa authentication nasi command.nasi authentication {default | list-name}no login authentication {default | list-name}Syntax Descriptiondefault Uses the default list created with the aaa authentication nasicommand.list-name Uses the list created with the aaa authentication nasi command [ Pobierz całość w formacie PDF ]

  • zanotowane.pl
  • doc.pisz.pl
  • pdf.pisz.pl
  • listy-do-eda.opx.pl