HPE Community
Aruba & ProVision-based
1752782 Members
6161 Online
108789 Solutions
New Discussion

HPE Aruba 2540 - Local User bypass "Enable"

 
TimGrave
Occasional Visitor

‎01-09-2019 06:06 AM - edited ‎01-09-2019 06:15 AM

‎01-09-2019 06:06 AM - edited ‎01-09-2019 06:15 AM

HPE Aruba 2540 - Local User bypass "Enable"

Hi everybody,

We've got a couple of HP Aruba switches in our network which we wish to backup through Oxidized.

I've got most of them to work but sadly I'm running into a small issue with 2 remaining switches.

I"ve created a local user that needs to have access to the command "show run" through CLI/SSH.

The user is called "backup" and I've added the following strings.

aaa authorization group BCK 1 match-command "command:sh *" permit
aaa authentication local-user backup group BCK password plaintext
aaa authentication login privilege-mode

Except, when i login with the backup user, it asks me to enter privilege mode via the command "enable" and I need to login a second time.

Oxidized needs access to the config without using "enable".

I've got the idea it has something to do with us setting the operator and manager password through CLI instead of SETUP.

password manager
password operator

 

Is there a way I can bypass the enable command? So the backup user has these privileges right away?

With kind regards,

Tim

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.