Aruba & ProVision-based
cancel
Showing results for 
Search instead for 
Did you mean: 

Have SSH sessions start at the "Manager Exec" prompt (Enable prompt)

 
jgs240
Occasional Contributor

Have SSH sessions start at the "Manager Exec" prompt (Enable prompt)

I received a new HP/Aruba 2920 (WB.15.15.0012) and deployed to a remote site.  I just figured out it is not getting backed up by our backup solution because when the backup solution logs into the switch it is expecting the "#" prompt and is instead getting the ">" prompt.  

I could configure a seperate group in the backup system and program it to work around this, but for uniformity and management sake, I would prefer to change the switch so that when I SSH into it the switch defaults to exec mode instead of operator mode.  

How do I do this?  

2 REPLIES
Ian Vaughan
Honored Contributor

Re: Have SSH sessions start at the "Manager Exec" prompt (Enable prompt)

Hello,

Are we talking about a login with a local account or is the "backup user" using RADIUS auth to access the switch?

I may be oversimplifying things but if we are talking about a local account can't you just change the name of the manager account on the switch so that the backup process logs in as that named account?

# password manager user-name <USERNAME>

This works for me and drops me at the correct "#" prompt.

The one stumbling block I've found is the uber-annoying "hit any key to continue" - I'd love to get rid of that - Kudos to anyone who has the magic cure.

Hope that gives you a clue. Let us know how you get on and what you find.

Thanks

Ian

Hope that helps - please click "Thumbs up" for Kudos if it does
## ---------------------------------------------------------------------------##
Which is the only cheese that is made backwards?
Edam!
Tweets: @2techie4me
TerjeAFK
Respected Contributor

Re: Have SSH sessions start at the "Manager Exec" prompt (Enable prompt)

We are wandering a bit off topic, but we have several 2920 switches and I never get the "hit any key to continue" message after login. Perhaps because we have configured a banner message on the switches? 2520 on the other hand......

Back to the topic: if this is using Radius authentication, then you need to return two attributes from the Radius server to the switch for direct manager level access (we are using ClearPass for Radius):

Type                                                    Name                          Value
1.  Radius:Hewlett-Packard-Enterprise HPE-Privilege-Level   0
2.  Radius:IETF                                      Service-Type            Administrative-User (6)