Authentication for SSH users by an LDAPS

  • 1.  Authentication for SSH users by an LDAPS

    Posted Apr 08, 2022 04:24 PM
    LDAP for ssh authentication works fine.
    ip 10.10.10.10 port 389

    Does the HP FlexFabric 5700, 5800 support LDAPS? The LDAPS always displays "access denied"
    ip 10.10.10.10 port 636

    I followed the instructions to set up LDAP:

    HPE FlexFabric 5710 Switch Series Security Configuration Guide
    https://techhub.hpe.com/eginfolib/networking/docs/switches/5710/5200-5002_security_cg/content/index.htm

    regards
    medera

    ------------------------------
    ana medera
    ------------------------------


  • 2.  RE: Authentication for SSH users by an LDAPS

    Posted Apr 29, 2022 02:29 AM
    Configure the switch to meet the following requirements:
    • Use the LDAP server to authenticate SSH users.
    • Assign the level-0 user role to SSH users after they pass authentication.


    ------------------------------
    James Gross
    ------------------------------



  • 3.  RE: Authentication for SSH users by an LDAPS

    EMPLOYEE
    Posted Apr 29, 2022 02:58 AM
    In the documentation for the 5700 and 58xx series (BTW, 58xx are running Comware 5, old and unsupported) there is no mention of LDAPS or LDAP over TLS. The command 'protocol-version' has only two arguments: 'v2' and 'v3', so I am afraid that when you point it to port 636, the switch tries to use clear-text LDAP on that port, not TLS; that is the most probable cause of the failure.

    ------------------------------
    Ivan Bondar
    ------------------------------
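
The explanation in the last reply can be checked from the LDAP server side by classifying the first bytes a client sends to port 636 as either a TLS handshake or a cleartext LDAP bind. The following is an added example, not part of the original thread or any HPE tooling; the function names and the sample payloads (bind DN, password) are constructed for illustration.

```python
# Added example. Sample payloads are constructed, not captured from a switch.

def _ber_tlv(buf, i):
    """Parse one BER TLV at buf[i]; return (tag, value, next_index)."""
    tag, first, start = buf[i], buf[i + 1], i + 2
    length = first
    if first & 0x80:                      # long form: low 7 bits = length octets
        n = first & 0x7F
        if n == 0 or start + n > len(buf):
            raise ValueError("unsupported or truncated BER length")
        length, start = int.from_bytes(buf[start:start + n], "big"), start + n
    if start + length > len(buf):
        raise ValueError("truncated TLV")
    return tag, buf[start:start + length], start + length

def classify_first_bytes(data):
    """Classify the first bytes a client sends to the LDAPS port."""
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return {"kind": "tls"}            # TLS handshake record
    try:
        tag, msg, _ = _ber_tlv(data, 0)   # LDAPMessage ::= SEQUENCE
        mid_tag, _, i = _ber_tlv(msg, 0)  # messageID INTEGER
        if tag != 0x30 or mid_tag != 0x02:
            return {"kind": "unknown"}
        op_tag, op, _ = _ber_tlv(msg, i)  # protocolOp
        if op_tag != 0x60:                # 0x60 = [APPLICATION 0] BindRequest
            return {"kind": "ldap-cleartext"}
        _, ver, j = _ber_tlv(op, 0)       # version INTEGER
        _, dn, j = _ber_tlv(op, j)        # name (bind DN)
        auth_tag, _, _ = _ber_tlv(op, j)  # 0x80 = simple (password) auth
    except (ValueError, IndexError):
        return {"kind": "unknown"}
    return {"kind": "ldap-cleartext-bind", "version": int.from_bytes(ver, "big"),
            "dn": dn.decode("utf-8", "replace"), "password_in_clear": auth_tag == 0x80}

def _tlv(tag, value):                     # builder for short constructed samples
    return bytes([tag, len(value)]) + value

# Constructed samples: a TLS ClientHello prefix and an LDAPv3 simple bind.
SAMPLE_TLS = bytes.fromhex("16030102000100")
SAMPLE_BIND = _tlv(0x30, _tlv(0x02, b"\x01") + _tlv(0x60,
    _tlv(0x02, b"\x03") + _tlv(0x04, b"cn=sshuser,dc=example,dc=com")
    + _tlv(0x80, b"constructed-pw")))

if __name__ == "__main__":
    for name, sample in (("tls", SAMPLE_TLS), ("bind", SAMPLE_BIND)):
        print(name, classify_first_bytes(sample))
```

A result of `ldap-cleartext-bind` on the LDAPS port means the client never started TLS and the bind password crossed the network unencrypted, so that account's credential should be rotated.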