How to deny NSH access

This topic was edited by a BMC Contributor and has not been approved.  More information.

In the past, removing a role's ability to use Network Shell involved a complex process of creating an empty role and assigning the default Network Shell role for that role as the empty role, along with removing the NSH Here custom command.

A much simpler process is now available for removing NSH access from a role.

To remove NSH access from a role

  1. Ensure you have a NSH Proxy server configured in your environment. 
    For more info, see Setting up a Network Shell proxy server
    Without an NSH Proxy enabled, this system will not work, as the NSH Proxy can only control the connections that go through it.
  2. Update RBAC authorizations in the relevant role, and then save the role.
    • To deny NSH access, remove the NSHProxy.Connect authorization.
    • To allow NSH access, add the NSHProxy.Connect authorization.

Was this page helpful? Yes No Submitting... Thank you

Comments