On 5 Apr 2016, at 5:23 EAT, Phil Shafer wrote: > Aaron writes: >> I'm new to Juniper. and I'm looking to protect ssh/telnet on all interfaces >> on my juniper ACX5048's. > > First comment is: if you want security, don't allow telnet. > Force the use of ssh. > > Me, I don't even like allowing passwords. JUNOS now supports the "system > services ssh no-passwords" knob to force the use of ssh keys over text > passwords. And your radius server will happily serve ssh keys. Force the > move away from passwords.
Do you have documentation on how to do this? I have looked through the cymru docs and they don’t say how to serve the SSH key from radius. -- patrick
signature.asc
Description: OpenPGP digital signature
_______________________________________________ juniper-nsp mailing list juniper-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/juniper-nsp
