ProxySG & Advanced Secure Gateway

 View Only
  • 1.  Read-only user

    Posted Jan 23, 2022 01:37 AM

    I am creating a user with read-only access, but this user can not run the command  to display/show configuration using SSH. it requires admin privilege. is there a way i provide user  custom privileges or give this user a privilege to run specific commands. I am creating a user for tripwire solution which will access the proxysg via SSH and run the "show configuration" command to check the integrity.


  • 2.  RE: Read-only user

    Posted Jan 23, 2022 05:12 AM
    Hello Sohail,

    You can't assign specific privileged commands to read-only users, but you could use a different command that doesn't require enable mode, which is 'show advanced-url /archconf_expanded.txt'

    Paul Riddington

  • 3.  RE: Read-only user

    Posted Jan 23, 2022 05:58 AM
    Hello Paul,

    Thank you very much. This is what I needed and it worked. is there any command which will display all the output in one go without break? like in cisco we have "terminal length 0".


  • 4.  RE: Read-only user

    Posted Jan 23, 2022 06:32 AM
    Hi Sohail,

    You can use plink.exe (from the Putty packet) via Windows command line:

    plink username@proxyip -pw userpass -m C:\ssh_command.txt

    and put "show advanced-url /archconf_expanded.txt" without double quotation into file "ssh_command.txt". Article about using plink.exe for automation:

  • 5.  RE: Read-only user

    Posted Jan 23, 2022 01:32 PM
    You can with the commands below but that requires enable mode.

    config t
    length 0

    Otherwise, you could use an external command such as the one described by Pavel.