Remote Role configuration - Terminal Access

Question

Hi all,&nbsp;
I've started looking again at LDAP authentication for our F5's again.&nbsp;
I've got th LDAP group set up and can log in just fine. But its the Terminal Access which is bugging me. I don't want TMSH, but I do want something, but I just can't find a value that is accepted when you select Other from the drop down list.&nbsp;
All users in the LDAP group are administrators, so full access is required. When the accounts were set up individually, Advanced Shell would be used - so this would be ideal.&nbsp;
 &nbsp;
Thanks in advance.&nbsp;
Ant&nbsp;

nitass · Answer

All users in the LDAP group are administrators, so full access is required. When the accounts were set up individually, Advanced Shell would be used - so this would be ideal.i understand advanced shell is not an option. 
&nbsp;  
&nbsp; sol10272: Accessing the bash shell as a remotely authenticated user 
&nbsp; http://support.f5.com/kb/en-us/solutions/public/10000/200/sol10272.html

anthony · Answer

Thanks very much nitass, I will have a read.  
&nbsp;  
&nbsp; Ant

anthony · Answer

Ok that works fine. 
&nbsp;  
&nbsp; Do you happen to know if there is a way to execute the run /util bash command upon login, much like a .profile file? 
&nbsp;  
&nbsp; Thanks again, 
&nbsp; Ant

nitass · Answer

Do you happen to know if there is a way to execute the run /util bash command upon login, much like a .profile file?i am not aware of it. anyway, in case of bigpipe, you may have a look "/usr/bin/bpsh" script file but, you know, modifying file content is not officially supported. 
&nbsp;  
&nbsp; by the way, there is request for enhancement to allow bash for remote user as below. you may open a support case to expedite the process. 
&nbsp;  
&nbsp; ID358740 - RFE Allow bash as a shell option for remote users

anthony · Answer

Hi, I stumbled upon a topic which recommended changing the /etc/passwd file and adding a line in the for the remote log in name such as: 
&nbsp; my_remote_user:x:0:0:my_remote_user:/home/my_remote_user:/bin/bash 
&nbsp;  
&nbsp; I have done this and it works just fine for what I need so I'm happy now. I think the shell option for remote users would be advantageous though in a future release.  
&nbsp;  
&nbsp; Thanks again for your help as always! 
&nbsp; Ant &nbsp;

Forum Discussion

Remote Role configuration - Terminal Access

10 Replies

Recent Discussions

BIG-IP DNS: Check Status Of Multiple Monitors Against Pool Member

Open Redirection Mitigation

F5Access | MacOS Sonoma

enable tls1.2 on management interface on F5 ltm running version 10.x

[ASM] - what is "Browser Challenge file" ?

Related Content

Automated backup F5 configuration to remote server

How I did it - "Configuring remote logging for F5 Distributed Cloud Services"

Configure NGINX microgateway for MTLS termination and client certificate hash verification

TACACS+ Remote Role Configuration for BIG-IP

BIG-IP Configuration utility unauthenticated remote code execution vulnerability CVE-2023-46747