Knowledge Search


×
 

How to login to a vFPC instance on the vMX using SSH

  [KB34874] Show Article Properties


Summary:

This article will walk an operator through setting up their vMX so that they can SSH into the vFPC instance if they desire this capability.

Solution:

There are several ways to access the vFPC before you have enabled SSH access:

  1. Login to the vFPC instance via the vCP instance using the command "start shell pfe network base-os fpc0" as the root user

    Example:

    labroot@jtac-vm-host-180.199-vmx2> start shell user root    
    Password:
    root@jtac-vm-host-180:/var/home/labroot # cli
    labroot@jtac-vm-host-180.199-vmx2> start shell pfe network base-os fpc0 
    Last login: Thu Jul 25 19:41:55 UTC 2019 from 128.0.0.4 on pts/0
    root@vfp-vmx2:~# 

  2. Login to the vFPC instance via the vCP instance using ‘rsh’ command

    For example, log in‚Äčto the vCP shell using root credentials:

    root@traffic1-re:~ # rsh -Ji fpc0
    Last login: Mon Jan 29 16:56:18 UTC 2018 on console
    root@traffic1_mpc0:~#


Once you have accessed the vFPC, there are two ways to enable ssh at the run time in vFPC instance.

  1. Create a user using the following commands. This will also allow you to use ssh/scp with this new user.

    Create user after login:

    root@traffic1_mpc0:~#
    root@traffic1_mpc0:~# mkdir -p /var/pfe1
    root@traffic1_mpc0:~# useradd -p pfe1 -d /var/pfe1 -m -g users pfe1
    root@traffic1_mpc0:~# passwd pfe1
    Enter new UNIX password:
    Retype new UNIX password:
    passwd: password updated successfully

    Try out ssh using new user:

    [lab@sv8-pod6-vmm ea]$ ssh pfe1@10.102.185.47
    The authenticity of host '10.102.185.47 (10.102.185.47)' can't be established.
    RSA key fingerprint is 53:f4:ff:22:18:04:27:ae:73:43:53:38:ed:5e:0d:a7.
    Are you sure you want to continue connecting (yes/no)? yes
    Warning: Permanently added '10.102.185.47' (RSA) to the list of known hosts.
    pfe1@10.102.185.47's password:
    traffic1_mpc0:~$
    traffic1_mpc0:~$ whoami
    pfe1
    traffic1_mpc0:~$ pwd
    /var/pfe1

    Now you can run the above commands to create a user which will enable you to directly login vfp using ssh.

  2. Create a user using the following commands. This will also allow you to use ssh/scp with this new user.

    traffic1_mpc0:/home/pfe/riot# pwd
    /home/pfe/riot
    
    traffic1_mpc0:/home/pfe/riot# ./vfp_util.sh --help
    vfp_util.sh option value

    Options should be given separately

    options:
    -http_enable: Enabling VFP web console access via HTTP
    -http_disable: Disabling VFP web console access via HTTP
    -setpass: Set/Reset password to access VFP web console via HTTP
    -create_user: Create new user 
    -del_user: Delete user
    -rx_pkt_capture_portmask: Change capture port mask value, mask should be provided in 4-digit hex format ex. 0xFFFF
    -rx_pkt_capture_freq: Change capture frequency, frequency should be provided in seconds
    -rx_pkt_capture_length: Change capture packet length, Length should be in decimal format
    -flow_cache_disable: Enable/Disable flow cache
    -flow_cache_refresh: Enable/Disable flow cache refresh
    -console_to_file: Dump the flow-cache details
    traffic1_mpc0:/home/pfe/riot# ./vfp_util.sh -create_user
    Enter Username:pfe2
    Enter Password:
    Re-enter Password:
    User pfe2 created, HOME:/var/pfe2

    Now pfe2 user can be used to login with SSH in vFPC vm.

Related Links: