Manage SSH functionality on the management node

Contributors netapp-pcarriga netapp-amitha Download PDF of this page

You can disable, re-enable, or determine the status of the SSH capability on the management node (mNode) using the REST API. SSH capability that provides NetApp Support remote support tunnel (RST) session access is enabled on the management node by default.

What you’ll need
  • Cluster administrator permissions: You have permissions as administrator on the storage cluster.

  • Element software: Your cluster is running NetApp Element software 11.3 or later.

  • Management node: You have deployed a management node running version 11.3 or later.

  • Management services updates: You have updated your management services bundle to version 2.17.

Options

You can do any of the following tasks after you authenticate:

Disable or enable the SSH capability on the management node

You can disable or re-enable SSH capability on the management node. SSH capability that provides NetApp Support remote support tunnel (RST) session access is enabled on the management node by default. Disabling SSH does not terminate or disconnect existing SSH client sessions to the management node. If you disable SSH and elect to re-enable it at a later time, you can do so using the same API.

API command

For management services 2.18 or later:

curl -k -X PUT "https://<<managementNodeIP>/mnode/2/settings/ssh?enabled=<false/true>" -H  "accept: application/json" -H  "Authorization: Bearer ${TOKEN}"

For management services 2.17 or earlier:

curl -X PUT "https://<managementNodeIP>/mnode/settings/ssh?enabled=<false/true>" -H  "accept: application/json" -H  "Authorization: Bearer ${TOKEN}"
Note You can find the bearer ${TOKEN} used by the API command when you authorize. The bearer ${TOKEN} is in the curl response.
REST API UI steps
  1. Access the REST API UI for the management node API service by entering the management node IP address followed by /mnode/:

    https://<managementNodeIP>/mnode/
  2. Select Authorize and complete the following:

    1. Enter the cluster user name and password.

    2. Enter the client ID as mnode-client.

    3. Select Authorize to begin a session.

    4. Close the window.

  3. From the REST API UI, select PUT /settings​/ssh.

    1. Click Try it out.

    2. Set the enabled parameter to false to disable SSH or true to re-enable SSH capability that you previously disabled.

    3. Click Execute.

Determine status of the SSH capability on the management node

You can determine whether or not SSH capability is enabled on the management node using a management node service API. SSH is enabled by default on the management node.

API command

For management services 2.18 or later:

curl -k -X PUT "https://<<managementNodeIP>/mnode/2/settings/ssh?enabled=<false/true>" -H  "accept: application/json" -H  "Authorization: Bearer ${TOKEN}"

For management services 2.17 or earlier:

curl -X PUT "https://<managementNodeIP>/mnode/settings/ssh?enabled=<false/true>" -H  "accept: application/json" -H  "Authorization: Bearer ${TOKEN}"
Note You can find the bearer ${TOKEN} used by the API command when you authorize. The bearer ${TOKEN} is in the curl response.
REST API UI steps
  1. Access the REST API UI for the management node API service by entering the management node IP address followed by /mnode/:

    https://<managementNodeIP>/mnode/
  2. Select Authorize and complete the following:

    1. Enter the cluster user name and password.

    2. Enter the client ID as mnode-client.

    3. Select Authorize to begin a session.

    4. Close the window.

  3. From the REST API UI, select GET /settings​/ssh.

    1. Click Try it out.

    2. Click Execute.

Find more information