At 12:45 PM 3/21/2001 -0500, Daniel Golding wrote:
>2) There is no way to properly account for root access on a Juniper, UNLESS
>you are forced to Radius authenticate with your own username, then either
>sudo, or su to root.
Assuming:
1) you use "authentication-order radius;"
2) you do not have a "root" account in your RADIUS database
3) the RADIUS server is reachable.
The you can not SSH into the router as root. When the RADIUS server becomes unreachable, you can log in as root.
Does that satisfy your requirement?
--Stacy
From jared@puck.neth¬óÅ;et
Received: (from jared@localhost)
by puck.nether.net (8.11.1/8.9.3) id f2LKN0425814
for junipe¬óÅ;p@localhost1/8.9.3) idI
(envelope-from jared)
Resent-Message-Id: <200103212023.f2LKN0425814@puck¬óÅ;he
Received: (from slist@localhost)
by puck.nether.net (8.11.1/8.9.3) id f2LKMdr25738;
Wed, 21 Mar 2001 15:22:39 -05¬óÅ;(e
Date: Wed, 21 Mar 2001 15:22:39 -0500
X-From_: ronjeremy@raemail.com We¬óÅ;r
Received: from someone claiming to be
herbie.raeinternet.com ([206.112.75.185])
by puck.nether.net (8.¬óÅ;/8
for <juniper-nsp@puck.nether.net>; Wed, 21 Mar 2001 15:22:38 -0500
(envelope-from ronjer¬óÅ;ra
Received-Date: Wed, 21 Mar 2001 15:22:38 -0500
Received: (qmail 27967 invoked by uid 511); 21 Mar 2001 20:15:27¬óÅ;00
From: "ronjeremy" <ronjeremy@raemail.com>
To: juniper-nsp¬óÅ;k.
Old-Date: Wed, 21 Mar 2001 20:15:27 GMT
Mime-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso¬óÅ;9-
ContEnt-Transfer-Encoding: 7bit
X-Diagnostic: Not on the accept list
X-Envelope-To: juniper-nsp
Resent-From: jared@puck¬óÅ;he
REsent-Date: Wed, 21 Mar 2001 15:23:00 -0500
Resent-To: juniper-nsp@puck.nether.net
Subject: [j-nsp] 48 port line ca¬óÅ;
d
months or do i need to front end with 6500?