Authenticating with Network Shell
When you use Network Shell in conjunction with a Network Shell Proxy Server, you must first authenticate. After you successfully authenticate, you are issued a session credential, which grants you access to the proxy server.
If you are using Network Shell interactively, you can obtain a session credential using either of the following methods:
- Through the BMC Server Automation Console:
- Open the login dialog as you normally would.
- Select Options, to display additional authentication choices.
- Select Save Credential for this session.
- Select Connect to authenticate.
A session credential is cached, even if you exit the console.
- Using the
blcredcommand line utility:
blcredutility is not part of the standalone NSH installer. It is only part of the Application Server installer and the Console installer. Therefore, to use NSH with a NSH Proxy server you must be using NSH that was installed through one of those installers.
For more information about using
blcredto obtain a session credential, refer to the
blcredman page. Alternatively, BMC technical documentation shows some typical scenarios for using
blcredat Administering security.
If you are using Network Shell to connect directly to servers without routing traffic through a Network Shell Proxy Server, you cannot obtain session credentials unless you are using NSH through a session that was called with the NSH Here custom command. Instead, NSH sends the user name that you used to log on to your NSH client system. For example, if you log on with a local account name of user1, NSH sends a request to connect to the RSCD agent as user1. If no matching mapping entry exists in the target RSCD's exports, users or users.local file for user1, you will not gain access, and you will not gain access if there is no entry in the exports file that allows your NSH client system to connect to the RSCD agent.