ONTAP Discussions

SSH admin Login without password - Domain Group User


Hi there. I've reviewed the following link, but have a unique (surely not) problem.



My admin user account is part of an AD Admin Group, the GROUP has access to logon to the Cluster & we are not allowed to have individual account access. They want admin access controlled through the AD group. So thats all fine and works, but I want to setup key pair login with my AD authenticated account via SSH. The above article says I need my own individual account access on the cluster to upload my pub key.


I guess I'm wondering if my AD auth can be forwarded to either System Manager or my SSH session? OR how do I make SSH login work with a key pair while using an AD Group account? Hopefully that makes sense.





I tried running through your request in one my lab but i am not able to create either recommendation that you requesting.

I have shared below a TR regarding Multifactor Authentication in ONTAP that might be helpful:






Thanks for your efforts. I'm trying to log into the CLI without having to type a password. I have to log in to different clusters about 30 times a day. That's 30 times I need to type in a complex password.


I'm looking for a way to authenticate by passing through my already authenticated windows AD session... or any other way, like public/private key but it has to work with my account being part of an AD group. 


It seems ONTAP does not currently support this. Maybe a feature request? What about a tick box on the System Manager login page like vSphere has to use your current session credentials to authenticate?