This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Is there a way to limit certain users to console access

Is there a way to limit certain users to console access

Go to solution
TurboSound
New Contributor II

‎07-08-2021 03:39 PM

Hi there, does anyone know if there is a way to limit certain user to certain types of management access?

My idea behind this would be to provide an emergency account to on-site personnel which could only be accessed via the console (therefore secured by physical access control and a shared password) but not via ssh.

Thanks in advance for your reply!

TS 🙂

0 Kudos
1 ACCEPTED SOLUTION

Go to solution
TurboSound
New Contributor II

‎07-23-2021 01:53 PM

Hi there, I just noticed that exos literally provides this exact feature:


https://extremeportal.force.com/ExtrArticleDetail?an=000081953


The only pitfall is you have to configure it directly in the setup dialog after factory reset.

 


Note to future self: RTFM! xD

 

TS 🙂

View solution in original post

0 Kudos
3 REPLIES 3

Go to solution
TurboSound
New Contributor II

‎07-23-2021 01:53 PM

Hi there, I just noticed that exos literally provides this exact feature:


https://extremeportal.force.com/ExtrArticleDetail?an=000081953


The only pitfall is you have to configure it directly in the setup dialog after factory reset.

 


Note to future self: RTFM! xD

 

TS 🙂

0 Kudos

Go to solution
TurboSound
New Contributor II

‎07-12-2021 06:02 AM

Hi @Miguel-Angel RODRIGUEZ-GARCIA,

 

Thank you for your answer, I will definitely test this solution some time, but I agree that this solution would be somewhat risky for an emergency scenario.

 

TS 🙂

0 Kudos

Go to solution
Miguel-Angel_RO
Valued Contributor II

‎07-09-2021 08:09 PM

Hi TurboSound,

The radius attribute nas-port-type should be different for console (0) or network(15/19) (SSH/TELNET) access.

See: https://datatracker.ietf.org/doc/html/rfc2865#page-60

 

For an emergency access, a local user would be better than a radius user.

 

Mig

0 Kudos
GTM-P2G8KFN