Avocent ACS Cyclades commands

9 years ago by with no comments and 5928 Views
Miscellanous

Reset the device to default

defconf

Reboot the box

/sbin/reboot

Power Down (stops and prompts for power down, but will eventually reboot)

/sbin/powerdown

Default login credentials

root/tslinux

 

Start the IP config wizard
wiz

Set motd. You can also set the path in /etc/ssh/sshd_conf if you want it some place else
touch /etc/motd
edit motd and add your banner

Configuration that can be done in the WebUI can also be done in
/etc/portslave/pslave.conf

SSH configuration is done in
/etc/sshd/sshd.config

SSL configuration is done in
/etc/ssl_version.conf

Add files to backup script
/etc/config_files

When you make a configuration change, you’ll need to activate the change with
signal_ras HUP

Save changes by executing
saveconf
The saveconf command creates an archive of the files listed in /etc/config_files and
saves it to /mnt/flash/config.tgz. From there you can copy to another location for backup.

Exiting the TS_MENU
~.

If you’re in a device and you want to exit out of the device and TS_MENU
~~..

Script to stop iptables and permit everyone (fail safe)

#!/bin/sh 
echo “Stopping firewall and allowing everyone…” 

iptables -F 
iptables -X 
iptables -t nat -F 
iptables -t nat -X 
iptables -t mangle -F 
iptables -t mangle -X 
iptables -P INPUT ACCEPT 
iptables -P FORWARD ACCEPT 
iptables -P OUTPUT ACCEPT

In a Cisco IOS device CTRL + Z exits you from configuration mode to privilege mode. When connected via the ACS device, CTRL + Z pops the menu for connecting. You can change the CTRL + Z in ACS . You change it in /etc/portslave/pslave.conf (look for all.escape_char)

Setting the SSH protocol to v2 only. In /etc/ssh/sshd_config edit the Protocol line and set it to 2
Port 22
Protocol 2

You set the authentication parameters in /etc/ssh/sshd_conf
LoginGraceTime    1
MaxAuthTries      3

Configure user profiles so they automatically run ts_menu upon login. Append to the end of the /etc/profile
if [ “$USER” != “root” ]; then
# trap exit INT
ts_menu
exit
fi
HINT – Remove the trap line if the user should be able to get a shell by pressing CTRL + C .

Here is a script to reset the ports on ACS. Place the script in /home and make it executable (chmod 755). All users will have access to run the script.
#!/bin/sh
for i in `ps -ax |grep “RW_srv”| grep -v “grep” |cut -f3 -d” “`
do
kill -15 $i
done

Add the username mmessier to the local user database
adduser mmessier admin no password mYsEcReT

Set ports access with groups/users. Use vi editor to edit /etc/portslave/pslave.conf and add the following lines
# Create User Groups
conf.group network_ops: mmessier, agraves, mrichter
conf.group ITSec: sstevens,mbroduer,jpandolfo
# Assign Groups to Ports
all.users network_ops
s1.users ITSec, network_ops
s6.users ITSec, network_ops

Edit your /etc/pam.d/tacplus, /etc/pam.d/tacplusdownlocal or /etc/pam.d/tacpluslocal file and change the account and session lines to use the PAM module pam_permit.so instead of pam_tacplus.so. E.g. for the /etc/pam.d/tacplus file configure the following
#account required pam_tacplus.so
account required pam_permit.so
#session required pam_tacplus.so
session required pam_permit.so

Root password reset
If you forget your root password and want to recover it, you can do so by accessing the ACS via the console port and rebooting the box. During the boot process,
when you see the line:

“Linux/PPC load: root=/dev/ram ramdisk=0x0000F000”

You must press the space key once, type single and press enter (see diagram below). The ACS will continue the boot process and will give you the root prompt.

Hardware boot.

Entry Point = 0x00002120

loaded at: 00002120 00B9B3CC
relocated to: 00800020 013992CC
board data at: 01396024 0139623C
relocated to: 00806730 00806948
zimage at: 00807150 008A9FB3
initrd at: 008AA000 013956F4
avail ram: 0139A000 08000000

Linux/PPC load: root=/dev/ram ramdisk=0x0000F000 single

With the root prompt you can change the password using the command passwd. You will have to reboot the unit again for the new password to take effect.

[root@(none) /]# passwd root
New password: tslinux
Re-enter new password: tslinux
Password changed
[root@(none) /]# saveconf
[root@(none) /]# reboot

 

 

Post Views: 3,796

Leave a Reply