Telnet / SSH

You can use Telnet / SSH authentication objects for either SSH (default: port 22) or Telnet (default: port 23) logins. Select which type of login by selecting the port when you use them in the Resource Discovery Wizard.

Figure 16-18  General (Telnet / SSH) Page

The following are the authentication object fields for Telnet/SSH (ASCII) logins. For additional SSH information, refer to SSH Strict Host Key Checking.

General Parameters

ID -- The Telnet or SSH authentication object name.

Use for EMS-- Checking this lets this application--the entire element management system (EMS)--use this authentication. Otherwise, authentications are only available to individual users who have permissions to use them.

If none of the associated credentials are marked Use for EMS then the software chooses the set of authentications to which the current user has access. Administrators typically use this capability to control access to cut-thru session capabilities (read vs. read-write) when a command line interface is present to the managed device.

[spacer]

Resync fails if you do not check this box.

Select Telnet / SSH Parameters

User ID -- The user login.

Password / Confirm-- The password for the User ID this object uses.

Enable User ID -- The user login, if the device needs a different login for an enabled user. Consult your device’s manuals for more about this.

Enable Password / Confirm Enable Password --The user password (and confirmation), if the device needs a different password for an enabled user.

Secure WBEM Access

Some monitoring capabilities require root access, even if you securely log into the UNIX host. In this case, when configuring this secure (SSH) login, use the Authentication Manager’s Telnet authentication editor to configure su as an Enable User ID, and the root user’s password as the Enable Password. For other WBEM access, configure authentication as an HTTP/HTTPS login / password, and select WBEM as the protocol after you have selected the WBEM authentication.

Confirm your entries here with File > Save or by clicking on the Save icon or button.

Required Security Levels

Access to some system command modes on devices may be defined by specifying an access privilege level for a user account. For example, some devices require access privilege level 15 to access Enable (privileged) mode. This application requires the user account for authenticating with and managing a device has a privilege level of 15. For the Juniper Netscreen driver this application requires root privileges for some configuration operations. Ensure that user accounts associated with Authentication objects are configured on the device with root privileges and has both read and write access. Similarly, Juniper M/T/J users require users assigned to the superuser class for some operations. Consult your equipment’s manuals for instructions about how to set up user access.