You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: articles/operator-nexus/howto-use-break-glass-access.md
+4-4Lines changed: 4 additions & 4 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -15,7 +15,7 @@ Break glass access using Method D v2.0 is a streamlined approach for administrat
15
15
16
16
## Generating SSH Keys using the Nexusidentity Azure CLI
17
17
18
-
To start with break glass IAM configuration, you need to set up SSH keys using the Nexusidentity extension. Make sure you have the following prerequisites installed and updated.
18
+
To start with break glass Identity and Access Management (IAM) configuration, you need to set up SSH keys using the Nexusidentity extension. Make sure you have the following prerequisites installed and updated.
19
19
20
20
### Prerequisites
21
21
@@ -114,7 +114,7 @@ To enable break glass access, administrator can assign below roles to Entra user
114
114
115
115
- Allows show commands and commands to modify the running configuration.
116
116
117
-
Once these roles are assigned, the corresponding username and public SSH key will be automatically provisioned across all devices within the designated fabric instance.
117
+
Once these roles are assigned, the corresponding username and public SSH key are automatically provisioned across all devices within the designated fabric instance.
118
118
119
119
> [!Note]
120
120
> If a subscription owner assigns an user, the Network Fabric Service Reader or Writer role at the subscription scope, this role assignment will be inherited by all Network Fabric instances. Consequently, the user will be granted the privileges associated with the built-in role across all Network Fabric instances.
@@ -124,15 +124,15 @@ Once these roles are assigned, the corresponding username and public SSH key wil
124
124
125
125
## Break-glass access to Network Fabric device
126
126
127
-
Once permissions are granted, users can access network fabric devices with their FIDO-2 hardware token (for example, YubiKey). Follow the steps below to use break glass access.
127
+
Once permissions are granted, users can access network fabric devices with their FIDO-2 hardware token (for example, YubiKey). Follow these steps to use break glass access.
128
128
129
129
1. **Prepare for access**:
130
130
131
131
- Make sure your **FIDO-2 hardware token** is plugged into your computer.
132
132
133
133
2. **Use SSH with the `-J` option**:
134
134
135
-
- The `-J` option enables you to log in through a jump server and access a fabric device directly. This involves authentication first with the jump server and then with the fabric device (using ssh keys).
135
+
- The `-J` option enables you to log in through a jump server and access a fabric device directly. This process involves authentication first with the jump server and then with the fabric device using SSH keys.
136
136
137
137
Use the following command format to access a fabric device:
0 commit comments