stcli security Commands

stcli security Commands

Security related operations.

stcli security [-h] {password | whitelist | ssh | encryption}

Syntax Description

Option

Required or Optional

Description
password

One of set required.

Commands supported in the Storage security password manipulation namespace.
ssh

One of set required.

Commands supported in the Storage security ssh namespace.
whitelist

One of set required.

Commands supported in the Storage security ip whitelist namespace.
encryption

One of set required.

Commands supported in the Storage security encryption namespace.

Command Default

None. One option from the set is required.

Usage Guidelines

Accompany the stcli security command with one of the positional arguments enclosed in { } or optional arguments enclosed in [ ].

stcli security encryption Commands

Encryption management operations.

stcli security encryption [-h] {ucsm-ro-user}

Syntax Description

Option

Required or Optional

Description
ucsm-ro-user

Required.

Commands supported in the security encryption UCSM RO user namespace.

Command Default

None.

Usage Guidelines

Accompany the stcli security encryption command with one of the positional arguments enclosed in { } or optionally, the arguments enclosed in [ ].

stcli security encryption ucsm-ro-user Commands

Encryption UCSM read only (RO) user operations.

stcli security encryption ucsm-ro-user [-h] {show | create | delete}

Syntax Description

Option

Required or Optional

Description
create

Required one of set.

Create UCSM RO user.
delete

Required one of set.

Delete UCSM RO user.
show

Required one of set.

Show UCSM RO user credentials.

Command Default

None.

Usage Guidelines

Accompany the stcli security encryption ucsm-ro-user command with one of the positional arguments enclosed in { } or optionally, the arguments enclosed in [ ].

stcli security encryption ucsm-ro-user create Command

Encryption UCSM read only (RO) user create operations.


Important

Please enter password when prompted.

stcli security encryption ucsm-ro-user create [-h] --hostname HOSTNAME [--username USERNAME]

Syntax Description

Option

Required or Optional

Description
--hostname HOSTNAME

Required.

UCSM host name.
--username USERNAME

Optional.

 UCSM user name.
Note 

The UCSM user used to create the RO user should be the local UCSM user, and not an LDAP or AD user.

Enter UCSM admin level password when prompted.

Command Default

Username default is admin.

Usage Guidelines

Accompany the stcli security encryption ucsm-ro-user create command with the required arguments with leading two dashes (--), and optionally, the arguments enclosed in [ ].

stcli security encryption ucsm-ro-user delete Command

Encryption UCSM read only (RO) user delete operations.


Important

Please enter password when prompted.

stcli security encryption ucsm-ro-user delete [-h] --hostname HOSTNAME [--username USERNAME]

Syntax Description

Option

Required or Optional

Description
--hostname HOSTNAME

Required.

UCSM host name.
--username USERNAME

Optional.

UCSM user name. Must be UCSM admin level user.

Enter UCSM admin level password when prompted.

Command Default

Username default is admin.

Usage Guidelines

Accompany the stcli security encryption ucsm-ro-user delete command with the required arguments with leading two dashes (--), and optionally, the arguments enclosed in [ ].

stcli security encryption ucsm-ro-user show Command

Encryption UCSM read only (RO) show users.

stcli security encryption ucsm-ro-user show [-h]

Command Default

None.

Usage Guidelines

Accompany the stcli security encryption ucsm-ro-user show command optionally, the arguments enclosed in [ ].

stcli security password Command

SSH key management operations. Sets user password for all the controller VMs in the storage cluster.


Important
Enter password when prompted

stcli security password set [-h] [--user USER]

Syntax Description

Option

Required or Optional

Description
set

Required.

Sets user password for all the controller VMs in the storage cluster.
--user USER

Optional.

User must be either admin or root. User root is assumed if not specified.

Command Default

Default controller VM username, root and password, Cisco123.

Usage Guidelines

Accompany the stcli security password set command with one of the optional arguments enclosed in [ ].

stcli security ssh Command

SSH key management operations. Resyncs SSH keys in storage cluster.

stcli security ssh [-h] resync

Syntax Description

Option

Required or Optional

Description
resync

Required.

Resyncs SSH keys in storage cluster.

Command Default

None.

Usage Guidelines

Run the stcli security ssh command with the resync positional argument, or include the optional arguments enclosed in [ ].

stcli security whitelist Commands

IP tables white-listing operations.

stcli security whitelist [-h] [list | add | remove | clear}

Syntax Description

Option

Required or Optional

Description
add

One of set required.

Adds IP addresses to IP table white-list.
clear

One of set required.

Clears IP addresses from IP table white-list.
list

One of set required.

List IP table white-listed entries.
remove

One of set required.

Removes IP addresses from IP table white-list.

Command Default

None. One option from the set is required.

Usage Guidelines

Accompany the stcli security whitelist command with one of the positional arguments enclosed in { } or optional arguments enclosed in [ ].

stcli security whitelist add Command

Adds IP addresses to the IP table white list.

stcli security whitelist add [-h] --ips IP [IP . . .]

Syntax Description

Option

Required or Optional

Description
--ips IP [IP . . .]

Required.

The IP addresses to add to white list.

Command Default

None. IP addresses required.

Usage Guidelines

Accompany the stcli security whitelist add command with the IPs of the servers to add. 

# stcli security whitelist add --ips 10.1.2.3 10.3.4.5

stcli security whitelist clear Command

Deletes the entire list of IP addresses in the IP table white list.

stcli security whitelist clear [-h]

Command Default

None.

Usage Guidelines

Run the stcli security whitelist clear command to delete IP addresses from the white list.

stcli security whitelist list Command

Displays the list of white list entries in the IP table.

stcli security whitelist list [-h]

Command Default

None.

Usage Guidelines

Accompany the stcli security whitelist list command, or include optional arguments enclosed in [ ]. 

# stcli security whitelist list
10.1.1.2
10.1.2.3

stcli security whitelist remove Command

Deletes the specified IP addresses from the IP table white list.

stcli security whitelist remove [-h] --ips IP [IP . . .]

Syntax Description

Option

Required or Optional

Description
--ips IP [IP . . .]

Required.

IP addresses to remove from white list.

Command Default

None.

Usage Guidelines

Accompany the stcli security whitelist remove command with the IP addresses to remove from the white list. 

# stcli security whitelist remove --ips 10.1.2.3