ONTAP Recipes

ONTAP Recipes: Easily configure SSH Multifactor authentication for administrator accounts (MFA)


ONTAP Recipes: Did you know you can…?


Easily configure SSH multifactor authentication for administrator accounts (MFA) in ONTAP 9.3


In ONTAP 9.3, you can require that administrators log in to an admin or data SVM with both an SSH public key and a user password.


  1. Enable SSH MFA for a local user account:

cluster-1::> security login create -vserver engData1 -user-or-group-name admin2 -application ssh -authentication-method publickey -role admin -secondauthentication-method password


Please enter a password for user 'admin2':

Please enter it again:

Warning: To use public-key authentication, you must create a public key for user "admin2"


 2. Create a public key for the administrator:


cluster1::>security login publickey create -vserver engData1 -username admin2 -index 5

-publickey  “ssh-rsa AAB3NzaC1yc2EAAAABIwAAAIEAspH64CYbUsDQCdW22JnK6J/vU9upn






For more details on SSH MFA authentication, see “Enabling SSH Multifactor Authentication” in the Administrator Authentication and RBAC Power Guide





Register for Insight 2021 Digital

INSIGHT 2021 Digital: Meet the Specialists 2

On October 20-22, gear up for a fully digital, totally immersive virtual experience with a downright legendary lineup of world-renowned specialists. Tune in for visionary conversations, solution deep dives, technical sessions and more.

NetApp on Discord Image

We're on Discord, are you?

Live Chat, Watch Parties, and More!

Explore Banner

Meet Explore, NetApp’s digital sales platform

Engage digitally throughout the sales process, from product discovery to configuration, and handle all your post-purchase needs.

NetApp Insights to Action
I2A Banner