ONTAP Discussions

Multiple SSH connections to console

chrism
12,512 Views

Currently having an issue where multiple AD user accounts cannot access the console via SSH at the same time. The AD group was added via useradmin domainuser add and the group was mapped to the local Administrators group. However, after the first user is logged in the second user is allowed to login with their credentials and the command window closes immediately afterward. Is this an issue where the default behavior is to treat both as interactive sessions, of which only one is allowed at once?

Would changing the telnet.distinct.enable option to on resolve it? Even though they're SSH sessions? Thanks!

1 ACCEPTED SOLUTION

tjlee
12,512 Views

Hi Chris,

Hopefully I'm understanding your question correctly... You can have multiple individuals sending "commands" to the console via SSH, but only one can be logged via the interactive shell.

Multiple = ssh [-1|-2] [-6] -l username {IP_addr|hostname} command

Single = ssh [-1|-2] [-6] -l username {IP_addr|hostname}

Taht being said, you also have a user connected to the interactive shell and other users send commands... kind of a hybrid model 😉

Cheers, Tony

View solution in original post

4 REPLIES 4

tjlee
12,512 Views

Hi Chris,

Only one interactive SSH or Telnet shell can be opened at the same time.  That being said, you can get access simultaneously from the console interface (RLM, BMC, Serial Port) and the remote login session (Telnet, SSH).

Cheers, Tony

chrism
12,512 Views

Hi Tony,

I understand about being limited to only one interactive session. I'm curious as to why two different users logging into the filer via SSH aren't being allowed concurrent access by default. According to the documentation OnTap supports up to 24 concurrent sessions. Is an SSH session not treated as a distinct session (non-interactive) by default and as such, do we need to modify that telnet.distinct.enable option to adjust the behavior? Currently the system is not allowing two users whose AD domain group has been added to the filer's local Administrators group aren't being allowed concurrent access. Only one at a time can SSH into the filer.

Thanks for replying!

tjlee
12,513 Views

Hi Chris,

Hopefully I'm understanding your question correctly... You can have multiple individuals sending "commands" to the console via SSH, but only one can be logged via the interactive shell.

Multiple = ssh [-1|-2] [-6] -l username {IP_addr|hostname} command

Single = ssh [-1|-2] [-6] -l username {IP_addr|hostname}

Taht being said, you also have a user connected to the interactive shell and other users send commands... kind of a hybrid model 😉

Cheers, Tony

chrism
12,512 Views

I guess I was confused. I was under the impression that multiple users could be logged into the console via SSH, but now I see that that's what is referred to as an interactive session. The document refers to "up to 24 simultaneous SSH sessions" but in reality it's really more of a connection to send a command. Thanks for the clarification.

Public