nShield CLI Commands

GUI initialization

Upon the startup of the nShield Monitor Virtual Appliance, the CLI will wait for the GUI to finish initializing (at the first boot and every reboot). This operation can take up to 60 seconds. If GUI initialization is not completed by then, the user is logged out and asked to log back in later.

Setting a password

If you are using the One Time Password (OTP), you will be asked to change it after logging in and before accessing any of the CLI operations.

You are prompted with the following password requirements:

  • Length should be between eight and sixteen characters

  • Should contain at least two capital letters

  • Should contain at least two lower case letter,

  • Should contain at least two digits

  • Should contain at least two special characters

  1. Enter the old password.

  2. Enter the new password.

    The new password is checked for the requirements above and compared with the old password. If it fails to comply with the requirements or if the new password is the same as the old one, the user is prompted with the associated error and/or the requirements and is directed back to step 2.
  3. Enter the password confirmation.

The only check that is performed is whether the two passwords match.

If it fails, it will prompt the error and start from step 2 above.

If it is successful, you will proceed to the CLI commands of the wizard.

Master key status

After the setup wizard has run and the mandated passwords have been entered, a status message for the master key may be prompted. This occurs if the master key needs to be reloaded, or generated and loaded.

CLI setup wizard

Log in

  1. Connect to the IP address.

  2. Login as administrator.

    Login as an administrator

The CLI Setup Wizard initializes at the first boot. It will only initialize if the entire wizard setup has not yet run, or if the following steps of the wizard failed: Set User Email, or Create Administrators.

The wizard prompts you to perform the following operations:

  • Set the user's email

  • Create two administrators

  • Configure the network

  • Configure the date and time

  • Set two passwords for system key

Once the user logs in, the CLI verifies if the Virtual Machine (VM) has an IP address. If it does, it will prompt the user with the IP address and the URL to launch the wizard from a web browser.

If the Virtual Machine (VM) does not have an IP address, the CLI will prompt the user to set the static network configuration before running the Wizard. Until the IP address is set, the user will not be able to run the Wizard.

Welcome

  1. Select y to start the CLI Setup Wizard.

    Start Wizard prompt
Select n if you need to exit and logout.

EULA

The EULA is displayed one page at a time.

  1. Navigate the EULA:

  2. Scroll up and down the page using up and down arrows

  3. Select Enter to scroll down the page

  4. Enter q to quit EULA at any time

  5. Scroll to the bottom of the page, which will automatically close the EULA

  6. Select y to agree to the terms of the EULA.

    EULA
    Select n if your need to exit and logout (after 5 seconds).

    The system prompts to set the default user email.

Set User's Email

Enter user’s email address

The requirements for an email address are:

  • Alphanumeric characters and < - or _ or .>@<alphanumeric characters and < - or .>

  • The two parts before and after the "@" cannot start or end with a non-alphanumeric character.

  • The email cannot contain successive dots, dashes or underscores.

  1. Enter your email address.

  2. Re-enter your email address to confirm.

The system prompts to create your Administrators.

Create Administrators

Create administrators
  1. Enter the User Name for Administrator One.

  2. Enter the first administrator's email address; verify that the email address is valid.

  3. Enter the first administrator's email address confirmation; verify that the email addresses match.

  4. Repeat steps 1 through 3 above to create second administrator.

    Once the administrators are created, the system prompts for network configuration.

Configure network

Configure network

The wizard will show the current network configuration.

  1. Select the network configuration.

    Network configuration
  2. If DHCP, enter:

    • hostname (optional)

    • mail host (optional)

    • Interface (optional)

    Interface can be skipped by pressing enter (system defaults to eth0).
  3. If Static, enter:

    • hostname (mandatory)

    • IP (mandatory)

    • netmask (mandatory)

    • gateway (mandatory)

    • domain (optional)

    • primary DNS (optional)

    • secondary DNS (optional)

    • mail host (optional)

    • Interface (optional)

    Interface can be skipped by pressing enter (system defaults to eth0).
  4. To Keep the current configuration, enter: mail host(optional)

The system continues with Master Key Generation and prompts you to create Passphrase One.

Generate system key

  1. Enter Passphrase One and then re-enter to confirm.

    The system prompts for Passphrase Two.

  2. Enter Passphrase Two and then re-enter to confirm.

    Enter passphrase two

    The system prompts to configure date and time.

Configure date and time

Configure date and time
  1. Choose between NTP and NTP Disable (manual configuration).

    • Enter 1 or 2 based on your preference:

    • Enter: 1 for dynamic configuration (NTP enabled)

      Follow the prompts to complete the configuration.

  2. Enter servers (this is only optional if a server is already configured, otherwise this is mandatory).

    Enter servers
    • Check for server regular expression.

    • Select timezone (optional).

Each parameter is checked. If a failure occurs, you are prompted to re-enter the parameter.
  1. Enter 2 for manual configuration (NTP disabled)

    Manual cofiguration
  2. Follow the prompts to complete the configuration:

    Complete configuration
    • Enter date (optional)

    • Enter time (optional)

    • Select timezone (optional)

Each parameter is checked. If a failure occurs, you are prompted to re-enter the parameter.

The system now prompts for initialization.

Initialize

Initialize
  1. Select y to start performing all operations.

    Select n if you need to log out.

The initialization process is performed in the following order:

  • Generate and load master key.

  • Set user's email (if this fails, it will log out after five seconds).

  • Create administrators (if this fails, it will log out after five seconds).

  • Set mailhost.

  • Configure network.

  • Set NTP (on/off). Configure date, time and timezone and/or NTP servers.

If the date-time configuration is successful, a reboot is triggered.

You can log back in and restart the wizard if:

  • Initialization failed

  • Initialization was interrupted before setting Date/Time and Network

  • You logged out before initialization.

CLI commands

CLI commands

Network commands

Network commands
Network commands

Date-time commands

Date-time configuration triggers system reboot if configuration has succeeded.

Date and time commands
Date and time commands
Date and time commands
Date and time commands

System commands

System commands
System commands
System commands
System commands
System commands
System commands
System commands
System commands

Email queue commands

Email Queue commands

Troubleshooting commands

Troubleshooting commands
Troubleshooting commands
Troubleshooting commands
Troubleshooting commands
Troubleshooting commands

Service commands

Service commands
Service commands
Service commands
CLI access is restricted to Administrator accounts only. Manager accounts cannot access the CLI. A proper error message will be displayed.