Assigning a remote user to a specific shell on the CM and Passport.

A remote user is defined as a user that is authenticated remotely (radius, tacacs, etc).  This shows how to assign a specific shell to a remote user via the CLI of the CM and Passport. 

There are 1 of these 4 shells you can use:

--/bin/csm.master = Port access menu (vts.master on the CM)
--/bin/editconf = configmenu
--/bin/bash = CLI
--/bin/menu = Custom menu

The shell program will be set according to the following rules:

* If there is no 'radmin' local user, shell program will be the program of 'admin' user (configmenu by default).
* If there is an 'radmin' local user but the user ID is not equal to 499, shell program will be the program of 'admin' user.
* If there is an 'radmin' local user and the user ID is equal to 499, shell program will be the program of the 'radmin' user.


If you want to specify a shell program of a remote authenticated user, you need to add an 'radmin' user with UID 499 and GID 500 in the /etc/passwd and /etc/shadow files as follows:






If there is an 'radmin' user with UID 499, you cannot add, remove or edit this user through the WEB UI.

Whichever shell you specify in /etc/passwd for radmin is what all your remote users will get once authenticated.


Last updated: May 21, 2019

Recently Viewed

No recently viewed articles