VIDEO: Creating and using a CLI user to retrieve a password (4251797)

Chatta subito con l'assistenza

Ottieni assistenza in tempo reale
Completa la registrazione

Accedi

Richiedi prezzo

Contatta il supporto vendite

Restituisci

Feedback inviato

Questo articolo ti è servito per risolvere il problema?

Seleziona valutazione

Titolo

VIDEO: Creating and using a CLI user to retrieve a password
Descrizione

How to create a CLI user in TPAM, and retrieve a password through the CLI interface
Risoluzione

This video demonstrates:

- Creating a CLI user within the /tpam interface

- How to give the CLI user permissions to perform a password retrieve

- Testing the CLI user via SSH

- Testing the CLI user via Plink

To create a CLI user:

1. Sign into the '/tpam' GUI of the applicance using an existing Admin (eg; 'paradmin')

2. Select Users & Groups | UserIDs | Add UserID.

3. Enter a "User Name" (note, it is case sensitive), enter a first and last name

4. Clear the "Allow Web Access" check box

5. Click on the "Key Based" tab, tick CLI.

6. Click "Save Changes"

7. Click "Download Key" to download the CLI key.

At this point the id_dsa file can be downloaded and used via native SSH. The CLI account can be tested with a command such as help, which will return the list of valid commands.

ssh -i id_dsa cliuser@IPADDRESS Help

NOTE: The case of the user should match the UserID in TPAM.

To use the key in Putty / Plink

This example requires some free tools from putty.org (putty.exe, puttygen.exe, plink.exe, pscp.exe). They can be dowloaded from http://www.putty.org under the 'putty' section

1. In order to use the key with Plink it must be converted to a PPK file.

2. Run puttygen, click the 'Load' button and select the key just downloaded (note: select 'All Files' at bottom right of puttygen to view all extensions).

3. In puttygen, click 'Save Private Key'. This will generate a warning about saving without a passphrase - click 'Yes' to save the PPK file without a passphrase.

Sending CLI commands to the appliance:

The plink or pscp commands (also from putty.org) may now be used with the newly created PPK to access the CLI commands.

The first time plink or pscp are run, they will return a warning that the host key will be imported into the registry, this is expected -- just press 'y' to 'store key in cache'.

The syntax of plink is:

plink -i [keyfile] [userid]@[PAR-address] [command] [filename]

e.g.:

plink -i cliuser.ppk cliuser@192.168.0.1 ListUsers

Feedback inviato

Questo articolo ti è servito per risolvere il problema?

Seleziona valutazione

Request a KB Article

Contenuti consigliati

Prodotto/i:: TPAM
2.5.923, 2.5.922, 2.5.921, 2.5.920, 2.5.919, 2.5.918, 2.5.917, 2.5.916, 2.5.915, 2.5.914

Argomento/i:: Best Practices, Configuration, Troubleshooting, Installation, How To

Cronologia articoli:: Data di creazione: 2/9/2018
Ultimo aggiornamento: 5/7/2023

Cerca in tutti gli articoli

Seleziona il prodotto:

Per una maggiore efficacia, compilare l'Obiettivo della chat:

Soluzioni consigliate per il problema

VIDEO: Creating and using a CLI user to retrieve a password (4251797)

Titolo

Descrizione

Risoluzione

Leave a Comment