 | Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
User authentication begins after the transport keys are applied. The client typically asks the server which authentication methods it supports. The server responds with a list of supported methods with no preference.
The client specifies a user authentication method. If the chosen method is supported by the server, the client then challenges the user—that is, the client prompts the user for a password or public-key pass phrase. The client sends the challenge response from the user and the username to the server. The server authenticates the user based on this response.
The system software currently supports only RADIUS password authentication, which is enabled by default. The RADIUS server validates the username and password from its database. If user authentication is disabled, then all SSH clients that pass protocol negotiation are accepted.
| Copyright © 2008, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |