cancel
Showing results for 
Search instead for 
Did you mean: 

Is there a way to limit certain users to console access

Is there a way to limit certain users to console access

TurboSound
New Contributor II

Hi there, does anyone know if there is a way to limit certain user to certain types of management access?

My idea behind this would be to provide an emergency account to on-site personnel which could only be accessed via the console (therefore secured by physical access control and a shared password) but not via ssh.

Thanks in advance for your reply!

TS 🙂

1 ACCEPTED SOLUTION

TurboSound
New Contributor II

Hi there, I just noticed that exos literally provides this exact feature:


https://extremeportal.force.com/ExtrArticleDetail?an=000081953


The only pitfall is you have to configure it directly in the setup dialog after factory reset.

 


Note to future self: RTFM! xD

 

TS 🙂

View solution in original post

3 REPLIES 3

TurboSound
New Contributor II

Hi there, I just noticed that exos literally provides this exact feature:


https://extremeportal.force.com/ExtrArticleDetail?an=000081953


The only pitfall is you have to configure it directly in the setup dialog after factory reset.

 


Note to future self: RTFM! xD

 

TS 🙂

TurboSound
New Contributor II

Hi @Miguel-Angel RODRIGUEZ-GARCIA,

 

Thank you for your answer, I will definitely test this solution some time, but I agree that this solution would be somewhat risky for an emergency scenario.

 

TS 🙂

Miguel-Angel_RO
Valued Contributor II

Hi TurboSound,

The radius attribute nas-port-type should be different for console (0) or network(15/19) (SSH/TELNET) access.

See: https://datatracker.ietf.org/doc/html/rfc2865#page-60

 

For an emergency access, a local user would be better than a radius user.

 

Mig

GTM-P2G8KFN