- Community Home
- >
- Networking
- >
- Switching and Routing
- >
- Aruba & ProVision-based
- >
- How to access enable level on a Procurve switch wi...
-
- Forums
-
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
- HPE Blog, Austria, Germany & Switzerland
- Blog HPE, France
- HPE Blog, Italy
- HPE Blog, Japan
- HPE Blog, Middle East
- HPE Blog, Russia
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
-
Blogs
- Advancing Life & Work
- Advantage EX
- Alliances
- Around the Storage Block
- HPE Blog, Latin America
- HPE Blog, Middle East
- HPE Blog, Saudi Arabia
- HPE Blog, South Africa
- HPE Blog, UK & Ireland
- HPE Ezmeral: Uncut
- OEM Solutions
- Servers & Systems: The Right Compute
- Tech Insights
- The Cloud Experience Everywhere
-
Information
- Community
- Welcome
- Getting Started
- FAQ
- Ranking Overview
- Rules of Participation
- Tips and Tricks
- Resources
- Announcements
- Email us
- Feedback
- Information Libraries
- Integrated Systems
- Networking
- Servers
- Storage
- Other HPE Sites
- Support Center
- Aruba Airheads Community
- Enterprise.nxt
- HPE Dev Community
- Cloud28+ Community
- Marketplace
-
Forums
-
Blogs
-
Information
-
English
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
02-16-2017 05:03 PM
02-16-2017 05:03 PM
How to access enable level on a Procurve switch without hardcoding a password?
We have a large number of ProCurve 2920 switches, and would like to automate backing up their config files to a TFTP or SFTP server. The switches are set up for ssh-only access, no telnet.
I first thought I could use PuTTY, psftp, and the Pageant ssh key management program to do this, but I have run into a problem: Manager (enable) level on these switches cannot be accessed using a public key. We really don't want to have to configure RADIUS just for these switches, and I recoil at the idea of hard-coding a cleartext password into a script.
Does anyone have an alternative? We are a Windows shop, so RANCID is not really an option.
K-12 IT support staffer
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
02-17-2017 08:08 AM
02-17-2017 08:08 AM
Re: How to access enable level on a Procurve switch without hardcoding a password?
Hi,
You try the below command and let me know if it helps.
HPE(config)#aaa authentication login privilege-mode
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
02-20-2017 04:18 PM
02-20-2017 04:18 PM
Re: How to access enable level on a Procurve switch without hardcoding a password?
Windows now gives you a free Radius server, so it's actually quite easy to setup, and definitely makes your security look a lot more professional.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Email to a Friend
- Report Inappropriate Content
02-23-2017 07:11 PM
02-23-2017 07:11 PM
Re: How to access enable level on a Procurve switch without hardcoding a password?
You should be able to authenticate via public key. I assume you've copied the key to the switch? You'll also need to configure SSH for public key auth:
(config)# aaa authentication ssh enable public-key none
(config)# aaa authentication ssh login public-key none
The switch log should also tell you how the session was authenticated:
I 02/23/17 14:30:09 03344 ssh: User mpatmon : SSH session established with
public-key authentication
Hewlett Packard Enterprise International
- Communities
- HPE Blogs and Forum
© Copyright 2021 Hewlett Packard Enterprise Development LP