Continuing from a fresh setup of the Data ONTAP 8.1 Simulator, this post goes through the steps to enable SFTP access to /etc without NFS or CIFS being licensed or enabled. We will use WinSCP to connect to /vol/vol0 and browse the /etc folder.
1) Connect to the CLI using the root login
2) From the CLI run the following 5 commands:
options sftp.enable on
options sftp.auth_style unix
options security.admin.authentication nsswitch
wrfile -a /etc/passwd sftpuser:_J9..IMv76dJgB/sqpf.:0:1::/:
wrfile -a /etc/group daemon:*:1:
The 5 lines above –
i: Enables sftp
ii: Sets the sftp authentication style to unix
iii: Sets the security admin authentication to nsswitch
iv: Creates the passwd file with a user sftpuser with password cifs*123 (the string "_J9..IMv76dJgB/sqpf." is generated using the cifs passwd cifs*123 command – see Appendix below). The remaining fields of the entry give sftpuser UID 0 and GID 1, with / as the home directory.
v: Creates the group file
*Note that wrfile -a appends to a file; if there is no file to append to, it creates the file.
3) Use WinSCP to connect with the following details:
Host name: {DNS Name or IP Address of your filer}
User name: sftpuser
Password: cifs*123
Fig. 1: WinSCP Login
And we are in!
Fig. 2: /vol/vol0 folder
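An added example, not part of the original post: a small Python audit for a passwd file in the format written in step 2, flagging non-root accounts with UID 0 (as the sftpuser entry has), entries that still carry the sample hash published here, and empty password fields. The sample file, the root placeholder hash and the svc_backup account are constructed for illustration.

```python
# Added example: audit a passwd file copied off the filer (format as in step 2).
# The hash below is the sample value published in this post for "cifs*123".
PUBLISHED_HASH = "_J9..IMv76dJgB/sqpf."

# Constructed sample input; only the sftpuser line comes from the post.
SAMPLE_PASSWD = """\
root:_PLACEHOLDERHASH0000.:0:1::/:
sftpuser:_J9..IMv76dJgB/sqpf.:0:1::/:
svc_backup::1001:1::/:
broken:line
"""


def audit_passwd(text):
    """Return (line_no, user, finding) tuples in file order."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        # name:hash:uid:gid:gecos:home:shell -> exactly 7 fields
        if len(fields) != 7 or not fields[2].isdigit():
            findings.append((line_no, fields[0], "malformed"))
            continue
        name, pw_hash, uid = fields[0], fields[1], int(fields[2])
        if uid == 0 and name != "root":
            # A second UID 0 account is another root-equivalent login.
            findings.append((line_no, name, "uid0-non-root"))
        if pw_hash == PUBLISHED_HASH:
            # The matching password is printed in this post.
            findings.append((line_no, name, "published-hash"))
        if pw_hash == "":
            findings.append((line_no, name, "empty-password"))
    return findings


if __name__ == "__main__":
    for line_no, user, finding in audit_passwd(SAMPLE_PASSWD):
        print(f"line {line_no}: {user}: {finding}")
```

Run it against a copy of /etc/passwd pulled from the filer; any "published-hash" hit means the account still uses the password shown in this post and should get a freshly generated hash.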
Appendix: Notes on cifs passwd
The cifs passwd command – used to obtain a correctly formatted password – must be run with CIFS enabled. To temporarily license CIFS, enable CIFS, obtain the correctly formatted password, then disable CIFS and delete the license, run through the following commands:
FILER> license add DZDACHD #cifs
*The above license code works with the 8.1 SIM (for more 8.1 vsim licenses see: http://now.netapp.com/NOW/download/tools/simulator/ontap/8.1/vsim_licenses_810.txt )
FILER> cifs setup
Do you want to make the system visible via WINS? [n]: n
Selection (1-2)? [1]: 2 for Multiprotocol filer
Would you like to change this name? [n]: n
Selection (1-4)? [1]: 4 for /etc/passwd and/or NIS/LDAP authentication
What is the name of the Workgroup? [WORKGROUP]: WORKGROUP
FILER> cifs passwd cifs*123
*Record the output from here and feel free to change the cifs*123 password!
FILER> cifs terminate
FILER> license delete cifs
SEO: The contents of this article may help if you are getting the following error(s) –
[sftp.connection.request.failed:error]: SFTP (SSH File Transfer Protocol) connection request from client system failed because the user is not permitted to do SFTP (SSH File Transfer Protocol) operations
[sshd_2:error]: error: Disconnecting: SFTP connection creation failed

