Shell control box configuration, Procedure 1: create new radius server instance, 0 shell control box configuration – HID BalaBit and ActivID AAA User Manual

ActivID AAA and BalaBit Shell Control Box | Integration Handbook

External Use | July 30, 2014 | © 2014 HID Global Corporation/ASSA ABLOY AB. All rights reserved.

P 4

2.0

Shell Control Box Configuration

This chapter describes how to configure the BalaBit Shell Control Box (SCB) to work with ActivID AAA. When
a user signs into a BalaBit Shell Control Box appliance, the BalaBit appliance forwards the user’s credentials
to an authentication server to verify the user’s identity. You will need to create a new RADIUS server instance
for the ActivID AAA server, in order to validate the user’s one-time password generated by a token.

2.1

Procedure 1: Create New RADIUS Server Instance

When an external RADIUS server is used to authenticate BALABIT users, you must configure the RADIUS
server to recognize Balabit as a client, and you must specify a shared secret for the RADIUS server to use to
authenticate client requests. To configure a connection to the RADIUS server on the BalaBit Shell Control Box
(SCB) appliance, perform the following steps.

1. On the main tab of the navigation pane, expand AAA, and then click Settings.

2. Set the Authentication Method field to RADIUS.

3. In the Address field, enter the IP address or the domain name of the RADIUS server.

4. In the Shared secret field, enter the password that SCB can use to access the server (must be the same

one as in the Shared Secret field in ActivID AAA).

5. To add more RADIUS servers, click + and repeat steps 2-4.



Note: If a server is unreachable, SCB will try to connect to the next server in the list in failover
fashion.