SSH Console
Salve a tutti!
Sono nuovo nella community... ho diversi problemi nel configurare he mio Server vSphere e spero di find the solution I miei problemi!
Ho tried a cercare altre discussioni trattassero che I miei problemi my ho trovato solo in parte delle soluzioni. Quindi apro questa discussione.
CERCO di turns grew linee difficolta mia...
Con UN Server ho da vSphere 4 su cui girano 4 macchine virtuali. Fino an installata era una licenza yesterday free poi cercando di risolvere he mio problema ho da una licenza Enterprise Plus.
Ho da sul mio pc vCenter server 4.1.0 e quando vado ad add it mio Server vsphere host ottengo place (dopo circa UN oretta) como he message "cannot install the vCenter agent service. Cannot download agent. »
Ho letto una miriade di che trattavano questo topic forum... compresa Ko di vmware my an oggi non sono riuscito a find una soluzione.
He problema che mi affligge e che anche da it titolo alla discussione e the possibility through the console attraverso di comandi come ad esempio disinstallare does outdo it vcenter agent present in esx by poi riprovare airfare outdo al vcenter ssh.
He problema e che ho abilitato it remote tech support my mi connect PuTTY tramite e quando mi loggo come when root non posso does when comandi... come ad esempio
service mgmt-vmware restart
ricevo place it message
-Ash: service: not found
Sto where matto! Per cercare di risolvere no problema me is not e altri!
You can help?
Grazie thousand a tutti anticipatamente
VPN tunnel? Aruba non ti da questa possibility?
VCenter non sta nel senso che li:
-sta in sottorete di Un'altra what datacenter
-sta in another data center
-sta a casa tua
CMQ con studiati Aruba (wishes...) come tunnelizzare quella outdo. Tanto address ip pubblico serve went console, nelle vm not metti altri. Oddio, would be meglio avere due sottoreti a disposizione una by the console e una by the vm, specie pubblicando ESXi my sia questo non temo knew internet, it modo in cui he Server di aruba e stato dato in uso.
Ciao,.
Luca.
Tags: VMware
Similar Questions
-
Cannot SSH / console to the EPSC
Suddenly, I am unable to access the EPSC device console via SSH or local console. When I connect, for the "admin" account credentials are accepted and then the following text is displayed:
######################################################################### # This system is hardened and for the use of authorized users only. # # Individuals using this computer system without authority, or in # # excess of their authority, are subject to having all of their # # activities on this system monitored and recorded by system # # personnel. # # # # In the course of monitoring individuals improperly using this # # system, or in the course of system maintenance, the activities # # of authorized users may also be monitored. # # # # Anyone using this system expressly consents to such monitoring # # and is advised that if such monitoring reveals possible # # evidence of criminal activity, system personnel may provide the # # evidence of such monitoring to law enforcement officials. # ######################################################################### java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.AbstractPlainSocketImpl.doConnect(Unknown Source) at java.net.AbstractPlainSocketImpl.connectToAddress(Unknown Source) at java.net.AbstractPlainSocketImpl.connect(Unknown Source) at java.net.SocksSocketImpl.connect(Unknown Source) at java.net.Socket.connect(Unknown Source) at java.net.Socket.connect(Unknown Source) at java.net.Socket.
(Unknown Source) at java.net.Socket. (Unknown Source) at com.cisco.ca.ss.adminshell.client.ShellClient.main(ShellClient.java:63) Error occured: could not connect to the command server I have tried power cycling the CSPC.
Anyone has a suggestion to remedy this?
Hi again,
On the continuation of the investigation, there is actually a bug that seems to cause this problem. If you change the default password "admin" in the GUI, it causes a problem with the connection to the mysql database.
If you have changed the admin password last time, then as long as you do not change the password for the admin on your redeployment, so you shouldn't run again the issue.
-Lynden
-
Creating a Clone VM of model VM using SSH console error DiskLib_Check()
Hi all
I'm now using ESXi 3.5 u4 and I activated the SSH connection.
in a PuTTY console, I run the following command:
vmkfstools-i/vmfs/volumes/datastore1/WinXPProSP3vmxp00_ md3000i/vmfs/volumes/MD3000iVMFS/WinXPProSP3_vmxp01_
to copy the virtual directory WinXPProSP3vmxp00_ in my SAN-VMFS, but then I got this error:
* DiskLib Check() has failed for disc source the specified file is not a virtual disk (15). * _
is there a best way to do without vCenter license?
or just use ishall
_CP - r
/ vmfs/volumes/datastore1/VM_Templates /& lt; SOURCE & gt;
/ vmfs/volumes/datastore1 /& lt; DESTINATION & gt; _
Instead?
Thank you.
Kind regards
AWT
vmkfstools only work with the drive.
The best solution is using VC.
Converter also works very well.
But if you use the copy of files (like cp) you MUST regenerate vMAC address (when you turn on the computer virtual don't say keep!).
The virtual machine should be also customized (new name, new IP, new SID), but in any case.
André
* If you found this device or any other answer useful please consider awarding points for correct or helpful answers
-
My vmdk files not visible from vpshere but visible from ssh console
Hello
I would use my dataontap virtual appliance of Netapp communities tar file.
Their installation guide, they show just to put this on the data store tar file.
This tar file contains the following files:
DataONTAP.vmdk
DataONTAP.vmx
DataONTAP - flat hard
DataONTAP - nvram.vmdk
DataONTAP-nvram - flat hard
DataONTAP - s001.vmdk by DataONTAP - s126.vmdk (126 disk files)
DataONTAP - sim.vmdk
DataONTAP - var.vmdk
DataONTAP-var - flat hard
I put this vsphere on the data store file and extract it to ssh connection on esxi with the command "tar".
All files are now visible to PuTTY connection on esxi
1 / but when I browse datastore, I see not all vmdk files. (missing 126 files on disk)
2 / when I turn, this virtual machine, I have this error "DataONTAP - sim.vmdk file not found on /vmfs/volumes.../.
But this file exist on the path specified error.
Configuration:
ESXi 5.1, NFS datastore.
Stand-alone node (without cluster)
No vcenter
Spatial data store are free and available.
Checksum for this tar file are OK.
Thank you very much
Concerning
The files in the archive are the data files, and not the descriptor. I guess DataONTAP - sim.vmdk is the file descriptor for these files DataONTAP - sXXX.vmdk . To ensure that this is the case, please attach the DataONTAP - sim.vmdk.
If this is the case, here are the steps that should make the usable virtual machine:
- load the muliextent module
vmkload_mod multiextent - Rename the virtual disk file to a temporary file name
vmkfstools EI DataONTAP - sim.vmdk DataONTAP-sim - old.vmdk - clone the virtual disk in a format supported the original file name
vmkfstools-i DataONTAP-sim - old.vmdk DataONTAP - sim.vmdk - d thin - an ide - unload the module multiextent
multiextent vmkload_mod-u
At this point, you should be able to turn on the virtual machine. If everything works as expected, you can delete all the temporary files of DataONTAP-sim-old * hard .
André
- load the muliextent module
-
Hello
recently, due to the expiration policy for password on my ISE, I changed my pass admin ISE through the graphical user interface. but then I can connect to my ISE GUI with the new admin password. But when I try to ssh to my LSE and to try some new admin pass, it does not accept the new pass, when I try with old pass admin it works on ssh
something wrong?
Hi Imran,
Change the password of ISE GUI will not change in the SSH ISE console password. These two are two different flow rates and if you want to change the CLI password you must use the ISE rescue CD and select the option change the password and it will prompt you to change the password in the ssh console.
-
Local database username and password SSH works not
I have a weird problem. I recently install an ASA 5510 and SSH work. To make it easier on my VPN users I decided that I wanted to implement a policy Windows 2008 network for the RADIUS authentication server. Since I added the part of RAY to the aaa authentication, when I use SSH to connect to the ASA, should not be the local user name and the password I installed. However, I can get by using a domain user name and password. This is the SSH and AAA configuration. Am I missing something here? The user name and password in the ASA is not on the domain and it is as if the ASA does not even LOCAL when attempting to authenticate. I want to use the local user name and password if possible. I'm kind new to ASA...
On another note, I have never been able to SSH in on internal interface. I always get an error message "the remote system refused the connection. I can only use the external interface.
Site - ASA # sh run | in ssh
authentication AAA ssh console LOCAL SERVER_RADIUS
SSH 0.0.0.0 0.0.0.0 outdoors
SSH 0.0.0.0 0.0.0.0 inside
SSH timeout 60
SSH version 2
Site - ASA # sh run | in aaa
RADIUS protocol AAA-server SERVER_RADIUS
AAA-server SERVER_RADIUS (inside) host 10.0.0.6
authentication AAA ssh console LOCAL SERVER_RADIUS
Console HTTP authentication of the AAA SERVER_RADIUS LOCAL
Site - ASA #.
If there is no other config that would help I would be more than happy to show them
Thank you!
Hello
Try as
authentication AAA ssh console LOCAL SERVER_RADIUS
because if the RADIUS is available the device does not check local users.
-
Authentication of SSH without password on a PIX
I'm looking to implement authentication SSH without password for a Solaris client can run a script to open a session on a PIX and retrieve the configuration.
Someone has reached the SSH authentication without password on a PIX or find out if the device supports it or not?
Thank you, Dom
It is vaguely correct.
Here are the details:
Security506E - 6.x (config) # aaa HS
AAA proxy-limit 16
authentication AAA ssh console LOCAL SecurityACS1111
Console HTTP authentication of the AAA SecurityACS1111 LOCAL
Console Telnet AAA authentication LOCAL SecurityACS1111
Console to enable AAA authentication LOCAL SecurityACS1111
LOCAL AAA authorization command
now, if you have configured aaa on the pix and specified an aaa for the role of authentication server when ssh is done "'authentication aaa ssh console LOCAL SecurityACS1111'...". then the username and passwords of the Ali database should be provided when ssh is done.
If you have specified LOCAL as an authentication method, then the database username and password configured in the configuration of the firewall will be used for the purposes of authentication.
If you have not specified "ssh" under "sh aaa" command output, then the default settings are used.
dafault settings:
username: pix
telnet password: password you have defined with the command:
password
activate the password:
password, you have defined using:
activate the password
Please indicate if this help!
Sushil
Cisco tac.
-
Option for "SSH Server" for the firewall under "safety profile"?
Hello
We have upgraded all ESXi hosts to vSphere 5.1.
Question 1
=========
We observe that for a specific ESXi host, the option button is avaialbe (others are gray). We are able to change the political beginning and can 'start' / 'stop' and 'restart' this service.
We cannot see any difference between this server and other hosts of ESXi.
Question 2
=========
We would also like to ask the opinion that, if we want to connect to the SSH console, the procedure is to start the SSH Service (Services) and check "SSH Server" (Firewall)?
Thank you
I would just leave if you verified that it is the same build as the other 5.1 hosts.
-
Difficulty to El Capitan stuck when connecting
Last month I upgraded 10.11.1 and could no longer connect my system. I would like to enter my password correctly and then the cursor would change roulette spins and just stay there forever. The only way out was a power off reboot. Later, I found that when he was in this State, I was able to SSH in from another machine, and the system log revealed that/usr/libexec/lsd (the demon Services launch) was crashing repeatedly. I searched these forums and others and found a lot of ideas, and none helped.
No problem, however, I've got hourly backups time machine, right? Well, no. Apparently El Capitan did not have hourly backups so my most recent backup performed for some time in October, which was a month at the time. Not good.
Fortunately, I had a former boot disk that I put in an external enclosure and was able to start to experiment. The drive that I normally starts since was well - checks and repair disk permissions and everything that everything came back good, and I could read and write files in there very well.
After much experimentation and frustration, I was on the point of abandon and add another drive for a clean install and start moving more - a process that I * really * hate to do. But one last Web search and hopefully kicked my last set.
To do this, you'll need to be in a recovery, or ssh console in the machine or otherwise somehow to get to a command prompt boot from an external drive. Once you're there, follow these steps:
find/private/var/folders / | grep com.apple.LaunchServices | grep csstore
Note that if you boot from an external drive, you must run this command on the boot disk you are trying to fix. Just add the/Volumes/Whatever_Your_Boot_Drive_is the path, as follows:
find/Volumes/YourBootDriveHere/private/var/folders / | grep com.apple.LaunchServices | grep csstore
Who will find the database cache that uses Launch Services. They have long, random searching for names that end with csstor. Note each illustrates file, then delete them, by a command like this (obviously using some paths command above found instead of this example):
RM /private/var/folders/cd/someLongRandomNameHere/someFolderNumberHere/com.apple.L aunchService - whatever.csstore
If you are more careful, you can rename rather than delete them, so you can put back them if necessary. Which would look like this:
MV /full/path/like/shown/above/to/whatever.cssstore /full/path/like/shown/above/to/whatever.csstore.backup
After you delete or rename these files, restart your Mac. You should now be able to connect. Or at least it's finally, what worked for me. The connection has taken longer that normal - a few minutes - to regenerate these files, but the office finally appeared, and now I'm back to running on my normal boot drive.
Hope this helps someone.
Wow man you are a genius
I had my f...d iMac for 4 days after an update of 10.11.1 10.11.2, and he started to give me a real headache.
I did what you described, and it worked great!
Thank you very much!
-
Unable to update firmware DRAC6 past 1.10.13 on R610
Hello
I have a number of R610s I need to upgrade the DRAC firmware, so you can talk to our new management system. Most of them updated correctly when I left versions gradually 1.10.13 (their version) to 1.97.
About 7 of them, however, will not move past 1.10.13. I have the version of the 1.11 firmware available via TFTP; When I try to install this (via idracadm, starting from the local operating system or a separate box or through the administrative SSH console) I get first "Firmware update is not current" then 'Firmware update operation failed' when subsequent attempts until I have make a racreset. I tried clearing space by removing the logs of the system, I have done a factory reset, drained flea power and the problem persists.
I also tried to update from the Dell Repository Manager bootable media as shown here http://lonesysadmin.net/2011/03/07/the-easiest-way-to-update-a-dell-servers-firmware/. No joy.
Finally I tried the update to a new installation of CentOS; the upgrade appears to start but is never-ending; fwupdate s presents 'The Firmware update Operation failed'.
Is there any other approach, or y at - it logs I can check what goes wrong?
Thank you!
ClintonF_Dell,
The first things that I would look into what version of BIOS and the lifecycle of the R610 controller run. If you do not update those in tandem with iDrac you may encounter problems of this kind. If they're behind then I test this on one of them and get the BIOS and the LC caught up and see if after a racadm racreset and NVram clear as the iDrac allows you to update.
Also, have you tried to update the iDrac tab to update the iDrac with the firming.d6 file? To do this, for example, you download the iDRAC6_1.97_A00_FW_IMG.exe file and run it on a Windows system to extract the files, then find the file firming.d6 and save. Use it in the iDrac GUI tab updated. Now, I know that it is the current file name, so to keep walking until you need the 1.11 and so on.
These are the current versions, if you are far behind in these institutions, I recommend walk them up as well.
Lifecycle controller 1.6.5- http://www.dell.com/support/home/us/en/19/Drivers/DriversDetails?driverId=F7XJ1&fileId=3364056173&osCode=RH60&productCode=poweredge-r610&languageCode=EN&categoryId=SV
Let me know what you see.
-
Hello
We have a couple of AP1262N-E-K9 AP with firmware version 12.4 (25 d) JA1 operating in conceerne mode.
I tried to measure the quality of the signal between access points by a Repeater mode adjuster while all others are in root mode. Then I run the following command:
dot11 Dot11Radio 0 - the alignment of the antenna
Connected via the cable from the console, the following output is displayed:
#dot11 AP Dot11Radio 0 - the alignment of the antenna
Type escape sequence "control ^ ' to abort.
Response of 64d8.1486.f000 Signal-24 dBm
[...]
Response of 64d8.1486.f000 Signal-25 dBm
* 1 Mar 05:13:59.953: % DOT11-4-UPLINK_ESTABLISHED: the Interface Dot11Radio0, associated with 64d8.1486.f000 AP AP03 [no Wpa2 PSK]
However, being connected via SSH:
Dot11 AP # dot11Radio 0 - the alignment of the antenna timeout 2
Type escape sequence "control ^ ' to abort.
Type escape sequence "control ^ ' to abort. Timeout in 1 second.
Obviously, there is no action displayed during the scan.
So it must subsequently use the command 'show the antenna alignment' to get the values measured signal strength:
AP00 #sh alignment of the antenna-dot11
64d8.1486.f000 answer 25% of Signal 0 dBm
[...]
64d8.1486.f000 from 22% 0 dBm Signal response
There are two problems:
1. the output to 'see the dot11-alignment of the antenna' is incorrect, the value of % represents the signal strength in dBm without - (least). For example "-25 dBm" appears as "25% signal 0 dBm.
Now, I know that this is only a display error, but it is still not clean. Is this a known issue?
2. why the values of measured signal strength appear not on the SSH console during the test of the alignment of the antenna?
Is it compulsory to use the console to see these values? Or is it also a known bug that could be fixed in the latest versions of firmware?
Thank you for your support.
Often, this command is used for real bridges and when you're on the roof trying to align its usually from the console. If the output should vary between a console and a ssh session, no.... You are in the CLI anyway.
Your better off opening a TAC case on it because it looks like a bug of cosmetics.
Sent by Cisco Support technique iPhone App
-
Someone at - it issues after the update of VRT 2016-02-29-001?
Seems VRT last update broke the power of fire this morning in my lab at home. ASA X 5506. cannot install policies and syslog shows:
2 March 2016 04:16:05 snort [9939] of firepower: FATAL ERROR: dynamic detection library "/ var/sf/detection_engines/*GUID*/so_rules/protocol-scada.so" version 1.0 update with the version of the engine dynamic library 2.5 is not compatible with the current engine dynamic library ' / var/sf/detection_engines/*GUID*/libsf_engine.so ' version 2.4.
Seems/var/cisco/deploy/pkg/var/cisco/packages/modules-1910-x86_64/so_rules installed by the update a incompatible libraries...
Managed to solve the problem by connecting to the ssh/console and by:
sudo bash
CD/var/sf/detection_engines / * GUID *.
MV so_rules so_rules.old
ln-s/var/cisco/deploy/pkg/var/cisco/packages/modules-1908-x86_64/so_rules so_rulesReplace * GUID * above with the identifier unique on your system.
And then push policies. Required URL filtering a restart of the module in order to start working again.
Not sure, it is a recommended fix, but a good thing it is only a laboratory.
It happened to someone else here?
Hello
Yes, there was a problem with the SRU version and it was taken out of the OCC.
If you are on recommendation 6.0 is to upgrade the SRU that was released today and apply policy again.
Kind regards
Aastha Bhardwaj
Rate if this is useful!
-
GANYMEDE + and local access connection
Basic summary is that I want to have GANYMEDE + and local connection to access router on the vty lines. So, I did the two groups below. Goody obviously is what will use GANYMEDE and Console uses the local connections. I divide them between 0-4 and 5-15. It seems that whoever is more get first priority for authentication. If I move the Console to 0-4, knit then the local users and GANYMEDE do not. If I have Goody at 0-4, then GANYMEDE works, but local doesn't work. I know I'm missing something simple. Have two RADIUS servers, I doubt that the two will never back down, but in case I want user names Local to work. If I apply an access list to 4-0 and use SSH, as well as a list of different access to 5 15 and use telnet, it seems to work that way but doesn't help me if the internet goes down and I am trying to access the router via SSH on-site.
Thanks in advance.
David
AAA authentication login Goody group Ganymede + local
local authentication AAA Console connectionLine con 0
the Console connection authentication
line to 0
line vty 0 4
session-timeout 7
exec-timeout 5 0
authentication of connection Goody
entry ssh transport
line vty 5 15
session-timeout 7
exec-timeout 5 0
the Console connection authentication
entry ssh transportHi David -.
Correct me if I'm not understanding this correctly, but you want to use RADIUS servers for authentication ssh/console type and if they fail, you want the network device to use its local database.
If that is correct you should not need dividing lines and assign authentication lists. The first tribute that you have:
AAA authentication login Goody group Ganymede + local
Lists the Ganymede + and the local database as a possible authentication methods. They will be processed in the order they are configured so that the device will be:
1. use your servers GANYMEDE +.
2. If the GANYMEDE servers + inaccessible then the local database is used
You can test this by assigning 'Goody' to all your vty lines and then do your servers GANYMEDE + unavailable. To do as possible you can:
-Restart the server
-Stop the server interface
-Disconnect the device its uplink network
-Create a list of access on the uplink interface and connection block to the IP addresses of the servers GANYMEDE +.
I hope that helps!
Thank you for evaluating useful messages!
-
ASA - 1 >; en password: *, stuck at this point
Hello
I'm stuck at this point, pls advise, 9.x, OS
ASA - 1 > sh curpriv
Username: admin1
Current privilege level: 1
Current Mode/s: P_UNPR
ASA - 1 > en
Password: *---> > the enable password is cisco, but does not work
Password:Here is the config
Console to enable AAA authentication LOCAL ACS
Console Telnet AAA authentication LOCAL ACS
authentication AAA ssh console LOCAL ACS
ACS LOCAL console for AAA of http authentication
AAA accounting command privilege 15 ACS
AAA accounting enable ACS console
AAA accounting ssh console ACS
Console telnet AAA accounting ACS
AAA authorization exec-authentication serverenable password cisco
Thank you all
Hi Ibrahim.
It seems that your enable password is configured to be extracted from ACS server.
Console to enable AAA authentication LOCAL ACSPlease check on ACS or reset your password. If you have access to the consoles and remove the command and test.
Kind regards
Dinesh MoudgilPS Please rate helpful messages.
-
The AAA for PIX515E 6.3 rules (5)
Hello. If I wanted to configure the PIX for the authentication of an ACS server (for the purpose of management of PIX), what else would need apart from what follows:
AAA-server Admin-FW Protocol Ganymede +.
AAA-Server Admin-FW max-failed-attempts 3
AAA-Server Admin-FW deadtime 10
!
AAA-Server Admin-FW (inside) host 192.168.2.9 access timeout 10
!
console series FW-Admin-AAA authentication
Console telnet authentication AAA Admin-FW
authentication AAA ssh console Admin-FW
As far as I KNOW, I did not specify which IP addresses can someone telnet from to connect on the PIX. I tried the following, but I do not know I did not provide the correct instructions:
the AAA authentication include telnet inside 192.168.0.0 255.255.0.0 Admin-FW
... and I have a username / password to invite him on the PIX but it keeps asking for a user name and password. I know my account GANYMEDE is good because I can connect on the routers with the same details as what I use to authenticate on the PIX.
I also ran a debugging on the PIX when I was trying to authenticate. The output is attached.
Thank you
Timothy
Hi Tim,.
There is no need to order,
the AAA authentication include telnet inside 192.168.0.0 255.255.0.0 Admin-FW
Try it now and see if you get hits on ACS. Incase it is not working, pls get again him debugs.
Thank you
Jagdeep
Maybe you are looking for
-
Why my Add ons uninstall whenever I restart Firefox?
I re - install add ons, but whenever I restart, they are all gone once more. I uninstalled Firefox and re-installed and I still have the same problem.
-
keyboard has suddenly stopped working
Hi all, my keyboard has suddenly stopped working. I was installing an upgrade of El Capitan (later) and when the computer is restarted, it gave me this message that the bluetooth keyboard was not detectable. Well, I don't have an external keyboard, j
-
compatible product for printer / photosmart premium to individual ink colors
Can someone suggest and similar for the best as a replacement for my printer photosmart/premium. Also is there all of the printers that use individual inks as I believe that these new lights to be expensive cartridges. Thank you
-
Scrolling touch pad has stopped.
Scrolling touch pad has stopped working when you slide your finger upwards & downwards the edge on the right side, what could be wrong?
-
authetication affectedly 802.1 x Vlan dynamic by a radius server
Hello At school, I want to start using authentication for 802. 1 x affectedly Vlan dynamic by Radius Windows Server 2012R2. When a student logs in, I want it to be placed in the Vlan 'Students', when an Administrative employee logs in, I want it to b