Remote Authentication Options

Video Activity
Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
21 hours 25 minutes
Difficulty
Intermediate
CEU/CPE
21
Video Transcription
00:00
>> Hey, Cybrarians.
00:00
>> Welcome back to the Linux+ course here at Cybrary.
00:00
>> I'm your instructor, Rob Goelz.
00:00
In today's lesson, we're going to be
00:00
covering remote authentication options.
00:00
Upon completion of this lesson,
00:00
you are going to be able to understand
00:00
remote authentication options
00:00
>> and differentiate between RADIUS and TACACS+.
00:00
>> We have covered VPN technology
00:00
for securing remote connection,
00:00
but remote authentication
00:00
handles validating user accounts
00:00
so that the VPN can establish
00:00
>> that connection with the trusted user,
00:00
>> unlike whatever's happening in this picture.
00:00
For Linux+, the two concepts we're going to cover here
00:00
are RADIUS and TACACS+.
00:00
RADIUS or Remote Authentication Dial-in User Service
00:00
>> is an older authentication protocol.
00:00
>> RADIUS provides centralized AAA management
00:00
and AAA's authentication,
00:00
authorization, and accounting.
00:00
It was historically used for users
00:00
>> that were connecting via dial-up modems.
00:00
>> Hence, we have dial-in user service,
00:00
but it is still commonly used for network access
00:00
>> when people are trying to
00:00
>> authenticate logging to switches.
00:00
>> The thing about RADIUS that you need to know
00:00
>> is that it only encrypts
00:00
>> the password that's used to authenticate.
00:00
>> It's a little less secure than TACACS+,
00:00
>> which we'll talk about in the next slide.
00:00
>> Once authenticated by RADIUS,
00:00
users are granted an IP address
00:00
and they get access to the network.
00:00
RADIUS can also authenticate against
00:00
other information like network address,
00:00
phone number, and access privileges.
00:00
The big thing to remember about RADIUS
00:00
>> and one of the takeaways here,
00:00
>> because you may get asked this on the exam
00:00
>> are the port numbers.
00:00
>> RADIUS uses two ports, 1812 and 1813.
00:00
Terminal Access Controller Access-Control System Plus,
00:00
or the much easier to say TACACS+,
00:00
>> is another centralized AAA management protocol.
00:00
>> The original TACACS protocol
00:00
>> was heavily used in early UNIX systems,
00:00
>> but TACACS is actually an incompatible update
00:00
>> to that protocol created by and for Cisco Systems,
00:00
>> but at this point,
00:00
>> it is supported by a lot of other vendors.
00:00
>> TACACS+ is more secure than other protocols
00:00
like RADIUS, as I said,
00:00
and that's because the entire transaction
00:00
>> is encrypted when you're working with TACACS+.
00:00
>> The other nice part about it is AAA services
00:00
>> can be compartmentalized on separate servers.
00:00
>> The thing to remember about TACACS+ for the exam
00:00
>> is that it uses port 49.
00:00
>> With that, we've reached the end of this lesson.
00:00
In this lesson, we covered
00:00
the two remote authentication options
00:00
>> that are likely to be on Linux+ exam.
00:00
>> Again, we talked about RADIUS and TACACS+.
00:00
Then we talked about the differentiation
00:00
between RADIUS and TACACS+,
00:00
remember with RADIUS,
00:00
that connection is only going to secure the password,
00:00
>> whereas with TACACS+ secures the whole thing
00:00
>> and of course, do make sure to memorize those ports
00:00
>> because they may be on the exam.
00:00
Thanks so much for being here
00:00
>> and I look forward to seeing you in the next lesson.
Up Next