odin101
1 Copper

VNX - Local Account - Read Only for SSH to CS

Hello All,

Issue:  We had some file side files filling up to 100% causing CS reboots and failovers.  It also made it where we could not login to Unisphere.  The file that caused this is dev/hda3.  EMC applied fix but it took 6 days to resolve so we want to be more proactive in monitoring in-house.

Action Needed:  Create local account to have our monitoring group SSH into the VNX to monitor the files size.

Request:  Looking for a naviseccli to create an local user to SSH into the CS and run simple df -h cmd.  I want to limit the amount of access granted but want them to be able to run simple list cmds.  I tried to create the account in Unisphere but never could login to the CS after creating, even tried adding rights.

Thanks!

Labels (1)
0 Kudos
3 Replies
odin101
1 Copper

Re: VNX - Local Account - Read Only for SSH to CS

I ran this but only created block user account:

naviseccli -h spa security -adduser -user xxx -password xxx -scope local -role operator

When I tried to SSH, of course it would not let me login. 

0 Kudos
dynamox
6 Gallium

Re: VNX - Local Account - Read Only for SSH to CS

login to control station and create account from there (google useradd and sudo)

brettesinclair
3 Silver

Re: VNX - Local Account - Read Only for SSH to CS

I'd send email from the CS rather than have the monitoring group login. In it's simplest form,


df -h | mail -v -s Daily_FS_Info recipient@domain.com

convert it to html if the formatting is not satisfactory and schedule via cron.