This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Register Now
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Announcements

SecurID® Knowledge Base

Find answers to your questions and identify resolutions for known issues with knowledge base articles written by SecurID experts.

Enable SSH using the command line on RSA Authentication Manager 8.1 up to 8.3

Article Number

000011851

Applies To

RSA Product Set: SecurID
RSA Product/Service Type: Authentication Manager
RSA Version/Condition: 8.1, 8.2, 8.3

Issue

This article provides commands to enable or disable SSH to the RSA Authentication Manager server using the command line up to 8.3.

Resolution

Before enabling SSH

You first must connect to the RSA SecurID appliance using a monitor and USB keyboard that is directly connected to the appliance. Access can also be gained from a VMware console. Commands are as follows:
  1. Launch an SSH client, such as PuTTY.
  2. Log in to the primary RSA Authentication Manager server as rsaadmin and enter the operating system password.
  3. When prompted, sudo to root and enter the password again.

During Quick Setup, another username may have been selected. Use that username to log in.

login as: rsaadmin
Using keyboard-interactive authentication.
Password: <enter operating system password>
Last login: Mon Feb 12 15:51:57 2018 from jumphost.vcloud.local
RSA Authentication Manager Installation Directory: /opt/rsa/am
rsaadmin@am82p:~> sudo su - root
rsaadmin's password: <enter operating system password>


Enable SSH to the server

Run the following commands to enable SSH: 
am82p:~ #chkconfig -f --add sshd
sshd             0:off  1:off  2:off  3:on  4:off  5:on  6:off
am82p:~ # /etc/init.d/sshd start
Checking for missing server keys in /etc/ssh
Starting SSH daemon                                       done
am82p:~ # iptables -A sshd -i eth0 -p tcp --dport 22 -j ACCEPT


Disable SSH to the server

Run the following commands to disable SSH: 
am82p:~ #chkconfig -f --del sshd
sshd             0:off  1:off  2:off  3:off  4:off  5:off  6:off
am82p:~ # /etc/init.d/sshd stop
Shutting the listening SSH daemon                       done
am82p:~ # iptables -D sshd -i eth0 -p tcp --dport 22 -j ACCEPT


Enable SSH with one command

With the syntax below, SSH can be shut down then restarted with one command:

/opt/rsa/am/utils/bin/appliance/configureSSH.sh enable <Authentication Manager IP address>

am82p:~ # /opt/rsa/am/utils/bin/appliance/configureSSH.sh enable 192.168.2.50
Shutting down the listening SSH daemon                                                            done
Checking for missing server keys in /etc/ssh
Starting SSH daemon                                                                               done
Saving iptables configuration                                                                     done
Saving iptables configuration                                                                     done

Notes

To check if the sshd service is running, type the command below: 
am82p:~ # netstat -atup | grep sshd
tcp        0      0 *:ssh                   *:*                     LISTEN      29516/sshd
tcp        0     64 am82p.vcloud.local:ssh  jumphost.vcloud.l:39030 ESTABLISHED 29070/sshd: rsaadmin
tcp        0      0 *:ssh                   *:*                     LISTEN      29516/sshd
am82p:~ #

Procedure for RSA Authentication Manager 8.4 and above

Because Authentication Manager 8.4 uses the SUSE 12.3 operating system, there is a different procedure than with earlier versions that ran on SUSE 11.4 to enable SSH using the command line.  For the new procedure, see article 000039344 - Enable SSH using the command line on RSA Authentication Manager 8.4 and up
0 Likes
Was this article helpful? Yes No
No ratings

In this article

Version history
Last update:
‎2020-12-12 08:35 AM
Updated by:
Administrator Administrator

Related Content

© 2023 RSA Security LLC or its affiliates. All rights reserved.