Fibre Channel (SAN)

Reply
Occasional Contributor
Posts: 6
Registered: ‎09-22-2009

How to set ssh public key for "user" account?

Hello,

Here is my problem:

I already use ssh keys for the "admin" account on my brocade SAN switches and everything works fine.

I want to set a public key for the "user" account to run script through SSH and collect informations.

If I connect to the switch using the "user" account, I can't import a public key:

FCSEXTP217:FID128:user> sshutil importpubkey
Permission denied to perform this operation.

So I looked for my problem in documentation, and found that I may have to allow the "user" account to manage ssh with "sshutil allowuser" command from the "admin" account, and here is what I get when I try that:

FCSEXTP217:FID128:admin> sshutil allowuser user
Permission denied to perform this operation.

So I try the same thing from the "root" account:

FCSEXTP217:FID128:root> sshutil allowuser user
Permission denied. Only admin can choose the allowed user.

I'm a little bit lost! ! ! ! !

Can somebody help me?

What do I have to do to add a public key to the account "user"???

Thanks

Valued Contributor
Posts: 931
Registered: ‎12-30-2009

Re: How to set ssh public key for "user" account?

from the help pages

  username
                  Specifies login name for the configured user.
                  The user must be in the switch user database
                  and must have admin privileges on the switch.

The "user" user has no admin right by default.

Occasional Contributor
Posts: 6
Registered: ‎09-22-2009

Re: How to set ssh public key for "user" account?

Hi Dion,

Thanks for the response, but when I try to add admin role to the "user" account, here is what I get:

FCSEXTP217:FID128:admin> userconfig --change user -l 128 -r Admin
Cannot change specified attributes for the default account

Does it mean that I can't use the "user" account to do what I want?

Do I have to create a specific account?

Valued Contributor
Posts: 931
Registered: ‎12-30-2009

Re: How to set ssh public key for "user" account?

Does it mean that I can't use the "user" account to do what I want?

Exactly, from the help pages (try help userconfig)

     --add | --change
             Creates a new user account or modifies an existing
             user account.  The following restrictions apply when
             you create or modify a user account:

             o You cannot change the role, the AD or LF
               permissions, the home AD or the home LF
               of any default account.

Do I have to create a specific account?

Yes

Occasional Contributor
Posts: 6
Registered: ‎09-22-2009

Re: How to set ssh public key for "user" account?

Thanks for you help

Join the Community

Get quick and easy access to valuable resource designed to help you manage your Brocade Network.

vADC is now Pulse Secure
Download FREE NVMe eBook