Support Support Downloads Knowledge Base Service Request Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

How to login to a vFPC instance on the vMX using SSH

0

0

Article ID: KB34874 KB Last Updated: 15 Aug 2019Version: 1.0
Summary:

This article will walk an operator through setting up their vMX so that they can SSH into the vFPC instance if they desire this capability.

Solution:

There are several ways to access the vFPC before you have enabled SSH access:

  1. Login to the vFPC instance via the vCP instance using the command "start shell pfe network base-os fpc0" as the root user

    Example:

    labroot@jtac-vm-host-180.199-vmx2> start shell user root    
    Password:
    root@jtac-vm-host-180:/var/home/labroot # cli
    labroot@jtac-vm-host-180.199-vmx2> start shell pfe network base-os fpc0 
    Last login: Thu Jul 25 19:41:55 UTC 2019 from 128.0.0.4 on pts/0
    root@vfp-vmx2:~# 

  2. Login to the vFPC instance via the vCP instance using ‘rsh’ command

    For example, log in‚Äčto the vCP shell using root credentials:

    root@traffic1-re:~ # rsh -Ji fpc0
    Last login: Mon Jan 29 16:56:18 UTC 2018 on console
    root@traffic1_mpc0:~#


Once you have accessed the vFPC, there are two ways to enable ssh at the run time in vFPC instance.

  1. Create a user using the following commands. This will also allow you to use ssh/scp with this new user.

    Create user after login:

    root@traffic1_mpc0:~#
    root@traffic1_mpc0:~# mkdir -p /var/pfe1
    root@traffic1_mpc0:~# useradd -p pfe1 -d /var/pfe1 -m -g users pfe1
    root@traffic1_mpc0:~# passwd pfe1
    Enter new UNIX password:
    Retype new UNIX password:
    passwd: password updated successfully

    Try out ssh using new user:

    [lab@sv8-pod6-vmm ea]$ ssh pfe1@10.102.185.47
    The authenticity of host '10.102.185.47 (10.102.185.47)' can't be established.
    RSA key fingerprint is 53:f4:ff:22:18:04:27:ae:73:43:53:38:ed:5e:0d:a7.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '10.102.185.47' (RSA) to the list of known hosts.
    pfe1@10.102.185.47's password:
    traffic1_mpc0:~$
    traffic1_mpc0:~$ whoami
    pfe1
    traffic1_mpc0:~$ pwd
    /var/pfe1

    Now you can run the above commands to create a user which will enable you to directly login vfp using ssh.

  2. Create a user using the following commands. This will also allow you to use ssh/scp with this new user.

    traffic1_mpc0:/home/pfe/riot# pwd
    /home/pfe/riot
    
    traffic1_mpc0:/home/pfe/riot# ./vfp_util.sh --help
    vfp_util.sh option value

    Options should be given separately

    options:
    -http_enable: Enabling VFP web console access via HTTP
    -http_disable: Disabling VFP web console access via HTTP
    -setpass: Set/Reset password to access VFP web console via HTTP
    -create_user: Create new user 
    -del_user: Delete user
    -rx_pkt_capture_portmask: Change capture port mask value, mask should be provided in 4-digit hex format ex. 0xFFFF
    -rx_pkt_capture_freq: Change capture frequency, frequency should be provided in seconds
    -rx_pkt_capture_length: Change capture packet length, Length should be in decimal format
    -flow_cache_disable: Enable/Disable flow cache
    -flow_cache_refresh: Enable/Disable flow cache refresh
    -console_to_file: Dump the flow-cache details
    traffic1_mpc0:/home/pfe/riot# ./vfp_util.sh -create_user
    Enter Username:pfe2
    Enter Password:
    Re-enter Password:
    User pfe2 created, HOME:/var/pfe2

    Now pfe2 user can be used to login with SSH in vFPC vm.

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Security Alerts and Vulnerabilities

Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search