000031089 - Enable SSH from a console connection on RSA Authentication Manager 8.1 if the Operations Console is not available

Document created by RSA Customer Support Employee on Jun 14, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 3Show Document
  • View in full screen mode

Article Content

Article Number000031089
Applies ToRSA Product Set: SecurID
RSA Product/ Service Type: Authentication Manager
RSA Version/Condition: 8.1
Issue
  • Authentication Manager 8.1 services are down and SSH is needed to copy files to or from the server for investigation (e. g., log files or debug scripts).
  • There may be instances where the Operations Console cannot be opened in a browser due to missing credentials, thus SSH connectivity cannot be enabled to reset the credentials.
Resolution

  1. Open a console connection to the server. If it is a hardware appliance, connect a keyboard and monitor. If it is a virtual machine, open the console from the Hypervisor client.



  2. Login as rsaadmin, then switch to root.


    RSA Authentication Manager 8.1.0.0.0-build1364817
    am81p login: rsaadmin
    password:
    Last login: Mon Aug 31 01:11:42 2015 from jumphost.vcloud.local
    RSA Authentication Manager Installation Directory: /opt/rsa/am
    rsaadmin@am81p:~> sudo su -
    rsaadmin's password:
    am81p:~ #



  3. Run the following command to enable SSH.


    am81p:~ # /opt/rsa/am/utils/bin/appliance/configureSSH.sh enable
    Shutting down the listening SSH daemon                                                        failed
    Starting SSH daemon                                                                           done
    Saving iptables configuration                                                                 done
    Saving iptables configuration                                                                 done
    am81p:~ #



  4. Run the following command to disable SSH again (if needed).


    am81p:~ # /opt/rsa/am/utils/bin/appliance/configureSSH.sh disable
    Shutting down the listening SSH daemon                                                        done
    Saving iptables configuration                                                                 done
    am81p:~ #


Notes See also KB article How to enable SSH via the command line on on AM8.x that provides steps to accomplish the same goal using direct Linux commands.
 

Attachments

    Outcomes