Table of ContentsView in Frames

Restricting RLM access to only the specified administration hosts

You can configure the RLM to accept SSH requests from only the administration hosts that you specify.

Before you begin

Your system must be running RLM firmware 4.1 or later for the RLM access control to be supported. For information about downloading and updating the RLM firmware, see the Data ONTAP Upgrade and Revert/Downgrade Guide for 7-Mode.

Step

  1. Enter the following command to specify the administration host or hosts that you want to grant RLM access:
    options rlm.ssh.access host_spec

    You can specify host_spec in the following forms:
    • host[=|!=]host_list

      host_list is a comma-separated list that includes host names, IP addresses, or IP addresses with a netmask.

    • all or *

      Allows all hosts to access the RLM.

    • none or -

      Allows no hosts to access the RLM.

    The default for host_spec is *.

    For more information and examples about using this option, see the na_rlmaccess(8) man page.

Examples of restricting RLM access to only the specified hosts

The following example grants RLM SSH access to the administration host with the specified IP address:

system> options rlm.ssh.access host=192.168.123.98

The following example grants RLM SSH access to two administration hosts, identified by their host names:

system> options rlm.ssh.access host=myhost1,myhost2 

The following example grants RLM SSH access to all hosts with their IP address prefix matching 3FFE:81D0:107:2082:

system> options rlm.ssh.access host=3FFE:81D0:107:2082::1/64