Enable Telnet or RSH access to the cluster
-
PDF of this doc site
- Cluster administration
-
Volume administration
- Logical storage management with the CLI
-
NAS storage management
- Configure NFS with the CLI
- Manage NFS with the CLI
-
Manage SMB with the CLI
- Manage file access using SMB
- SAN storage management
- Security and data encryption
-
Data protection and disaster recovery
- Data protection with the CLI
Collection of separate PDF docs
Creating your file...
As a security best practice, Telnet and RSH are disabled in the predefined management firewall policy (mgmt
). To enable the cluster to accept Telnet or RSH requests, you must create a new management firewall policy that has Telnet or RSH enabled, and then associate the new policy with the cluster management LIF.
ONTAP prevents you from changing predefined firewall policies, but you can create a new policy by cloning the predefined mgmt
management firewall policy, and then enabling Telnet or RSH under the new policy. However, Telnet and RSH are not secure protocols, so you should consider using SSH to access the cluster. SSH provides a secure remote shell and interactive network session.
Perform the following steps to enable Telnet or RSH access to the clusters:
-
Enter the advanced privilege mode:
set advanced
-
Enable a security protocol (RSH or Telnet):
security protocol modify -application security_protocol -enabled true
-
Create a new management firewall policy based on the
mgmt
management firewall policy:
system services firewall policy clone -policy mgmt -destination-policy policy-name
-
Enable Telnet or RSH in the new management firewall policy:
system services firewall policy create -policy policy-name -service security_protocol -action allow -ip-list ip_address/netmask
To allow all IP addresses, you should specify-ip-list 0.0.0.0/0
-
Associate the new policy with the cluster management LIF:
network interface modify -vserver cluster_management_LIF -lif cluster_mgmt -firewall-policy policy-name