Vyatta Network OS Documentation

Learn how to install, configure and operate the Vyatta NOS, which helps drive our virtual networking & physical platforms portfolio.

Restricting access through connection type

The vRouter sends different connection-type information through the TACACS+ protocol based on the type of connection by which the user is accessing the vRouter. This information can be used to restrict how certain types of users are allowed to access the system. For example, it is possible to restrict administrators to only login access through the physical console rather than remotely through SSH or Telnet.

Table 1. Protocol values sent to TACACS+ based on connection type
Connection type Protocol value sent to TACACS+

Console

login

SSH

sshd

Telnet

telnet