Support Support Downloads Knowledge Base Case Manager My Juniper Community

Knowledge Base

Search our Knowledge Base sites to find answers to your questions.

Ask All Knowledge Base Sites All Knowledge Base Sites JunosE Defect (KA)Knowledge BaseSecurity AdvisoriesTechnical BulletinsTechnotes Sign in to display secure content and recently viewed articles

[NFX] Unable to Get Console Access Into a VNF when Logged in as Non-Root User

0

0

Article ID: KB35438 KB Last Updated: 21 Jan 2020Version: 1.0
Summary:

This article clarifies that only users with root access will be able to get console access into a virtual network function (VNF) from Juniper Device Manager (JDM) or vjunos0 (JCP) and not non-root users. It also gives the reason for this.

 

Symptoms:

I am logged in as a non-root super-user and am trying to gain console access into a VNF from either JDM or vjunos (on nfx-3 platform).

Note: Confirm that the VNF is built as shown below:

lab> show virtual-network-functions 
ID       Name                                              State      Liveliness
--------------------------------------------------------------------------------
2        ubuntu1604                                        Running    down
1        vjunos0                                           Running    alive
 

However, when attempting to gain console access into ubuntu1604, I see the following:

lab> request virtual-network-functions console ubuntu1604 
Internal instance: vnf0
ssh: Could not resolve hostname jdm: hostname nor servname provided, or not known

Note: Sometimes, the following message may be seen on some versions of code: ssh: connect to host jdm port 22: Operation timed out​).

 

Solution:

On NFX platforms, vjunos (JCP) communicates with JDM via a pre-configured SSH channel. An SSH key is exchanged between the JCP root user and the JDM, and many features use this channel, including console connections.

JDM, therefore, accepts communication from JCP only if the user is a root user. Because of this, console access of a VNF can be accomplished only when logged in as a root user.

 

Comment on this article > Affected Products Browse the Knowledge Base for more articles related to these product categories. Select a category to begin.

Getting Up and Running with Junos

Getting Up and Running with Junos Security Alerts and Vulnerabilities Product Alerts and Software Release Notices Problem Report (PR) Search Tool EOL Notices and Bulletins JTAC User Guide Customer Care User Guide Pathfinder SRX High Availability Configurator SRX VPN Configurator Training Courses and Videos End User Licence Agreement Global Search