Well as the title says, sadly we bought our FAS6210 without CIFS/NFS license. Thus, in order to create the folder structure/add the authorized_keys file, you’ll have to work for your money a little bit.
First, you need to run cifs setup / cifs passwd somewhere. I did it on our Data ONTAP simulator, which comes in handy for things like that.
You’ll get a cryptic looking password (no clue which format that is), looking like this: _OnWddr)xa.
Now, in order for the ftpd process to work, you need to create a /etc/passwd file. Usually the cifs setup would take care of that, but since we don’t own a CIFS license and I didn’t wanna add a trial license, I simply did what I described above on our simulator.
Now, open a SSH session with your filer. Create a new /etc/passwd file using wrfile. The new passwd file should look like this:
1 2 3 4 |
root:_OnWddr)xa.:0:1::/: pcuser::65534:65534::/: nobody::65535:65535::/: ftp::65533:65533:FTP Anonymous:/home/ftp: |
Now make sure, to replace the whole string in between the double dots with the one you got from the output of cifs passwd. After that is done, enable the FTP daemon using the options command:
1 |
; html-script: false ]options ftpd.enable on |
Now, create your authorized_keys file somewhere (I exported my Public Key using PuTTygen), and from there open a ftp sessions with your root user on the filer. In the ftp shell run this:
1 2 3 4 5 6 7 8 |
cd /etc/sshd mkdir root cd root mkdir .ssh cd .ssh lcd D:userschrischieDesktop prompt mput authorized_keys |
The above example asumes that you created the authorized_keys file in the folder Desktop (that’s where my Desktop folder is, so replace it to suit your needs). Afterwards, disable the FTP daemon again:
1 |
options ftpd.enable off |
And, tada … enjoy SSH password-less with your shiny public key.
2 thoughts to “NetApp FAS/Data ONTAP public key authentification with CIFS/NFS license”