Highlighted
Karl2 Super Contributor.
Super Contributor.
961 views

Connection over ssh - 'challenge'

Jump to solution

Good afternoon,

I want to access to the Arcsight logger appliance througth SSH,

We have enabled SSH on Logger Web Interface(System Admin>SSH>Enabled, on this logger We don't have to request a code to enable it),

I can connect to the logger via SSH 'succesfully', but only with root user( i think that the other users we have on logger is only for web access)

with the default password, but the next thing I have to answer is a 'challenge':

     Last login: Sat Jun 29 ..

     Challenge is 66320. Enter response:

(obviously, each time I want to connect, the 'challenge' changes)

I have no idea about the 'challenge'(I think that it is another authentication, but We have not enabled it and I don´t know where I can find something to answer or how to disable it)

Does any one knows where I can disable the 'Challenge' or how to answer it?

Thanks in advance,

Kind regards.

Labels (1)
0 Likes
Reply
1 Solution

Accepted Solutions
Karl2 Super Contributor.
Super Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

Dear All,

thanks for All your replies,

At the end, I opened a SR to request Activation Code, also they suggest me update  CA's version(newer versions can send commands from web interface, as jring told me), so perhaps We will update CA.

Best Regards.

0 Likes
Reply
13 Replies
jring1 Frequent Contributor.
Frequent Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

Hi,

you have to open a case and hope support answers it in time to give you a response...

As for how to get rid of it... there's some instructions here on the forum once you have a root shell - search for "root access". But you might technically loose support for your appliance if you do that.

Joachim

0 Likes
Reply
Karl2 Super Contributor.
Super Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

Hi,

Thanks, I'll try to open a SR.

Regards.

0 Likes
Reply
krishnas7777
New Member.

Re: Connection over ssh - 'challenge'

Jump to solution

Hi Karl,

When you access SSH of a logger appliance as root, Please make sure that you keep the SSH open until you have a reply from support with the "Response Code". Terminating the session and again accessing will prompt for a response against a different challenge. Ideally support used to e-mail the response code quite fast.

Thanks,

Krishna

0 Likes
Reply
Karl2 Super Contributor.
Super Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

Hi,

Does this means that We can access to Connector Appliance via ssh only if We contact to HP-support previously?(I did it some months ago- in another connector appliance-, but I think that is not confortable, because each time We want to access in order to do any simple operation, such as test connectivity with another machine, or whatever, we'd have to contact to support).

Regards.

0 Likes
Reply
krishnas7777
New Member.

Re: Connection over ssh - 'challenge'

Jump to solution


Hi Karl,

I hope the thread was on Logger

Nope, there are few other ways to access the CA. But if your are doing an SSH you need a response code against a challenge code(You need to get the code from support , no other way). SSH was called as Support login, i hope we need less operation via SSH. New version of CA the GUI itself is good.

Well you can connect to your CA using HP ProLiant Integrated Lights-Out (iLO), but you should have the setup.

Thanks,

K

0 Likes
Reply
Karl2 Super Contributor.
Super Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

Hi,

Sorry Krishnakumar, the thread is related to CA and not to the logger(it was my mistake because I am working with a logger, thats why I mentioned it in the description instead CA).

The ILO it is a great idea(CA has 4 interfaces), but We haven't installed it, yet(it depends of the client).

By the way, Can I 'send commands'(like ping, telnet, etc) from CA web interface??

(on system admin I can not see nothing related to this). otherwise, I'll open a SR to HP,

Regards.

0 Likes
Reply
krishnas7777
New Member.

Re: Connection over ssh - 'challenge'

Jump to solution


No you cannot send these commands in CA using its web interface.

Thanks,

K

0 Likes
Reply
jring1 Frequent Contributor.
Frequent Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

Hi,

actually you can ping, nslookup, traceroute and even do a basic portscan via the connapp web interface. Go to Setup->System Admin->Diagnostic Tools and choose the tool in the dropdown menu. You'll probably need admin privileges to do that.

As for having permanent ssh access - there's ways to get that after you have it once. HP just doesn't like it and might refuse to support the box if they find out...

Joachim

0 Likes
Reply
Karl2 Super Contributor.
Super Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

Hi Jring,

I can't find 'Diagnostic Tools' in System Admin,

My user has admin privileges(it is in Default System Admin Group).

BTW, do you know where I can check the CA's version?

Kind regards.

0 Likes
Reply
jring1 Frequent Contributor.
Frequent Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

Hi,

I have Diagnostic Tools in System Admin as the last item under System in the tree view on the left hand side... Maybe you need to click on System to expand it...

For the connapp (or logger version) you can either hover with the mouse over the arcsight logo in the upper left corner and watch out for the tooltip or go under System Admin->System and choose License & Update.

Regards,

Joachim

0 Likes
Reply
Karl2 Super Contributor.
Super Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

Hi,

I don't have it (it doesn't expand)

systemTree.png

Current version is 5.5.1

Anyway, Thanks for you support .. IDK if theres another way to test connectivity without open a SR.

karl.

0 Likes
Reply
jring1 Frequent Contributor.
Frequent Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

It's already expanded, I think. We're on 6.3 - current is 6.4.x - there was a few patches for 6.4...

Joachim

0 Likes
Reply
Karl2 Super Contributor.
Super Contributor.

Re: Connection over ssh - 'challenge'

Jump to solution

Dear All,

thanks for All your replies,

At the end, I opened a SR to request Activation Code, also they suggest me update  CA's version(newer versions can send commands from web interface, as jring told me), so perhaps We will update CA.

Best Regards.

0 Likes
Reply
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.