Merge pull request #294744 from sushantjrao/break-glass-setup

prmerger-automator[bot] · web-flow · commit 89227360d314 · 2025-02-18T19:10:14.000Z
Update howto-use-break-glass-access.md
diff --git a/articles/operator-nexus/howto-upgrade-os-of-terminal-server.md b/articles/operator-nexus/howto-upgrade-os-of-terminal-server.md
@@ -15,14 +15,15 @@ This document provides a step-by-step guide to upgrade the operating system (OS)
 
 ## **Prerequisites**
 
-- **Root account password** for the Terminal Server.
+- User must have **Root account password** for the Terminal Server.
 
 - An **on-premises machine** with access to the Terminal Server for file transfers.
 
 - Download **Latest firmware download**: [Opengear Firmware](https://ftp.opengear.com/download/opengear_appliances/OM/current/). 
 
 >[!Note]
-> This guide has been validated with Opengear firmware version 24.07.1.
+> This guide has been validated with Opengear firmware version 24.07.1, which was upgraded from version 22.06.0, and is supported with Nexus Network Fabric runtime version 4.0.0.
+> Validation for compatibility with Nexus Network Fabric runtime version 5.0.0 is ongoing as part of the Nexus Network Fabric 8.0 release testing.
 
 ## **Stage 1: Pre-upgrade checks (Terminal Server)**
 
diff --git a/articles/operator-nexus/howto-use-break-glass-access.md b/articles/operator-nexus/howto-use-break-glass-access.md
@@ -15,7 +15,7 @@ Break glass access using Method D v2.0 is a streamlined approach for administrat
 
 ## Generating SSH Keys using the Nexusidentity Azure CLI
 
-To start with break glass IAM configuration, you need to set up SSH keys using the Nexusidentity extension. Make sure you have the following prerequisites installed and updated.
+To start with break glass Identity and Access Management (IAM) configuration, you need to set up SSH keys using the Nexusidentity extension. Make sure you have the following prerequisites installed and updated.
 
 ### Prerequisites
 
@@ -26,31 +26,42 @@ To start with break glass IAM configuration, you need to set up SSH keys using t
 - **Azure CLI**: Version 2.61 or higher (64-bit)
 - **Nexusidentity Extension**: This extension must be added to Azure CLI.
 - **YubiKey Firmware Version**: Must be 5.2.3 or higher.
+- **Enable Long paths** - Windows long paths support must be enabled [Refer](https://pip.pypa.io/warnings/enable-long-paths).
 
 ### Steps to Install Nexusidentity Extension and Generate SSH Keys
 
-1. **Open PowerShell**:
+1.  **Enabling long paths**
+   
+- Run the following PowerShell as an administrator.
+
+   ```PowerShell 
+   New-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\FileSystem" -Name "LongPathsEnabled" -Value 1 -PropertyType DWORD -Force
+   ```
+
+- Close the PowerShell terminal.
+
+2. **Open PowerShell**:
 
 > [!Note]
 > Use non-admin mode for this process.
 
-2. **Update Azure CLI**:
+3. **Update Azure CLI**:
 
    - Run the following command to update Azure CLI to the latest version:
 
      ```Azure CLI
      az upgrade
      ```
 
-3. **Install Nexusidentity extension**:
+4. **Install Nexusidentity extension**:
 
    - To add the Nexusidentity extension
 
      ```Azure CLI
      az extension add --name nexusidentity
      ```
 
-4. **Generate SSH Keys with Nexusidentity extension**:
+5. **Generate SSH Keys with Nexusidentity extension**:
 
    a. Download the [Yubico Key Manager](https://www.yubico.com/support/download/yubikey-manager) to reset your YubiKey for initial setup.
    
@@ -69,7 +80,7 @@ To start with break glass IAM configuration, you need to set up SSH keys using t
       ```
 
    > [!NOTE]
-   > Method Dv2.0 passkeys requires the YubiKey hardware token with a firmware version of 5.2.3 or higher.
+   > Method Dv2.0 passkeys require the YubiKey hardware token with a firmware version of 5.2.3 or higher.
 
    e. During this process:
 
@@ -103,7 +114,7 @@ To enable break glass access, administrator can assign below roles to Entra user
 
   - Allows show commands and commands to modify the running configuration.
 
-Once these roles are assigned, the corresponding username and public SSH key will be automatically provisioned across all devices within the designated fabric instance.
+Once these roles are assigned, the corresponding username and public SSH key are automatically provisioned across all devices within the designated fabric instance.
 
 > [!Note]
 > If a subscription owner assigns an user,  the Network Fabric Service Reader or Writer role at the subscription scope, this role assignment will be inherited by all Network Fabric instances. Consequently, the user will be granted the privileges associated with the built-in role across all Network Fabric instances.
@@ -113,15 +124,15 @@ Once these roles are assigned, the corresponding username and public SSH key wil
 
 ## Break-glass access to Network Fabric device
 
-Once permissions are granted, users can access network fabric devices with their FIDO-2 hardware token (for example, YubiKey). Follow the steps below to use break glass access.
+Once permissions are granted, users can access network fabric devices with their FIDO-2 hardware token (for example, YubiKey). Follow these steps to use break glass access.
 
 1. **Prepare for access**:
 
    - Make sure your **FIDO-2 hardware token** is plugged into your computer.
 
 2. **Use SSH with the `-J` option**:
 
-   - The `-J` option enables you to log in through a jump server and access a fabric device directly. This involves authentication  first with the jump server and then with the fabric device (using ssh keys).
+   - The `-J` option enables you to log in through a jump server and access a fabric device directly. This process involves authentication first with the jump server and then with the fabric device using SSH keys.
 
    Use the following command format to access a fabric device:
 
