What can I help you with?

NVIDIA NVOS User Manual for InfiniBand Switches v25.02.2002

NVIDIA Docs Hub NVIDIA Networking Networking Software Switch Software NVIDIA NVOS User Manual for InfiniBand Switches v25.02.2002 AAA Commands

On This Page

nv show system aaa role
nv show system aaa role id
nv show system aaa user
nv show system aaa user id
nv show system aaa user ssh authorized-key
nv show system aaa user ssh authorized-key id
nv show system aaa allow-reset-local-passwords
nv show system aaa user ssh
nv set system aaa user ssh authorized-key
nv set/unset system aaa user
nv set/unset system aaa user full-name
nv set/unset system aaa user state
nv set/unset system aaa user role
nv set/unset system aaa user password
nv set/unset system aaa user hashed-password
nv set/unset system aaa allow-reset-local-passwords state

AAA Commands

nv show system aaa role

	nv show system aaa role Displays list of roles (user capabilities) and their groups.
Syntax Description	N/A
Default	N/A
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv show system aaa role Role Groups ------- ----------------------------------------- admin nvapply,nvset,nvshow monitor nvshow`
REST API	GET https://<ip>/nvue_v1/system/aaa/role
Related commands	nv show system aaa role monitor
Notes	admin—full administrative capabilities monitor—read only capabilities, can not change the running configuration

nv show system aaa role id

	nv show system aaa role <id> Displays configuration of a role.
Syntax Description	id	Role ID (i.e., admin, monitor)
Default	N/A
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv show system aaa role monitor operational applied description ----------- ----------- --------- ------------------------ groups show Groups of the role`
REST API	GET https://<ip>/nvue_v1/system/aaa/role/{id}
Related commands	nv show system aaa role
Notes	admin—full administrative capabilities monitor—read only capabilities, cannot change the running configuration

nv show system aaa user

	nv show system aaa user Displays list of users, their role and status.
Syntax Description	N/A
Default	N/A
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv show system aaa user Username Full-name Role State -------- -------------------- ------- ------- admin System Administrator admin enabled monitor System Monitor monitor enabled`
REST API	GET https://<ip>/nvue_v1/system/aaa/user
Related commands	nv set system aaa user
Notes

nv show system aaa user id

	nv show system aaa user <user-id> Displays configuration of a user.
Syntax Description	user-id	The user (e.g., monitor, test)
Default	N/A
History	25.02.2xxx
Example	Copy Copied! admin@nvos:~$ nv show system aaa user admin operational applied --------------- -------------------- -------------------- state enabled enabled role admin admin full-name System Administrator System Administrator password * * hashed-password * *
REST API	GET https://<ip>/nvue_v1/system/aaa/user/{user-id}
Related commands	nv show system aaa user nv set system aaa user
Notes

nv show system aaa user ssh authorized-key

	nv show system aaa user <user-id> ssh authorized-key Lists all SSH keys associated with the specified user.
Syntax Description	user-id	The user (e.g., monitor, test)
Syntax Description	authorized-key-id	Name of the SSH key (item-name) (enum: saved keys of user)
Default	N/A
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv show sys aaa user admin ssh authorized-key SSH Key Name Key string Key Type ------------ ---------- -------- key1 * ssh-rsa key2 * ssh-rsa`
REST API	GET https://<ip>/nvue_v1/system/aaa/user/<user>/ssh/authorized-key
Related ommands
Notes	The key string is obfuscated yet not regarded as a secret within NVOS.

nv show system aaa user ssh authorized-key id

	nv show system aaa user <user-id> ssh authorized-key <ssh-authorized-key-id> Displays details for a specific SSH key.
Syntax Description	user-id	The user (e.g., monitor, test)
Syntax Description	authorized-key-id	Name of the SSH key (item-name) (enum: saved keys of user)
Default	N/A
History	25.02.2xxx
Example	Copy Copied! admin@nvos:~$ nv show sys aaa user admin ssh authorized-key key1 operational applied ---- ----------- ------- key * * type ssh-rsa ssh-rsa admin@nvos:~$ nv show sys aaa user admin ssh authorized-key key2 operational applied pending ---- ----------- ------- ------- key * type ssh-rsa
REST API	GET https://<ip>/nvue_v1/system/aaa/user/<user-id>/ssh/authorized-key/<ssh-authorized-key-id>
Related Commands
Notes	The key string is obfuscated yet not regarded as a secret within NVOS.

nv show system aaa allow-reset-local-passwords

	nv show system aaa allow-reset-local-passwords Displays state of resetting the local users passwords upon long reboot press
Default	enabled
Example	Copy Copied! `admin@nvos:~$ nv show system allow-reset-local-passwords operational applied ----- ----------- ------- state enabled enabled`
REST API	GET https://<ip>/nvue_v1/system/aaa/allow-reset-local-passwords
Related Commands	nv set system allow-reset-local-passwords state <enabled\|disabled>
Notes

nv show system aaa user ssh

	nv show system aaa user <user-id> ssh Display user SSH configuration.
Syntax Description	user-id	The user (e.g., monitor, test)
Default	N/A
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv show sys aaa user admin ssh operational applied ---------------- ----------- ------- [authorized-key] key1 key1`
REST API	GET https://<ip>/nvue_v1/system/aaa/user/<user-id>/ssh
Related Commands
Notes	Key string in obfuscated but is not considered a secret in nvos.

nv set system aaa user ssh authorized-key

	nv set system aaa user <user> ssh authorized-key <ssh-authorized-key-id> Authorized SSH key configuration.
Syntax Description	authorized-key-id	Name of the SSH key (item-name) (enum: saved keys of user)
	Key	The base64 contents of the key (key-string)
	type	The type of encoded key (string \| enum:ecdsa-sha2-nistp256, ecdsa-sha2-nistp384, ecdsa-sha2-nistp521, ssh-ed25519, ssh-rsa \| default:ssh-rsa)
Default	Key=N/A, Type=ssh-rsa
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set sys aaa user admin ssh authorized-key key1 key AAAdnfs…== admin@nvos:~$ nv set sys aaa user admin ssh authorized-key key1 type nistp384`
REST API	PATCH https://<ip>/nvue_v1/system/aaa/user/<user-id>/ssh/authorized-key/<ssh-authorized-key-id>
Related Commands
Notes

nv set/unset system aaa user

	nv set system aaa user <user-id> nv unset system aaa user <user-id> Specifies a username and creates a user account. New users are created initially with admin privileges. The unset form of the command deletes the user account.
Syntax Description	user-id	The user. Username max length is 32 and it begins with a letter or an underscore, followed by letters, digits, underscores, or dashes. They can end with a dollar sign.
Default	The following usernames are available by default: * admin * monitor
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system aaa user test`
REST API	PATCH https://<ip>/nvue_v1/system/aaa/user/{user-id}
Related commands	nv show system aaa user nv set system aaa user password
Notes	New users must have a password. Default users cannot be deleted.

nv set/unset system aaa user full-name

	nv set system aaa user <user-id> full-name <full-name> nv unset system aaa user <user-id> full-name <full-name> Configures user's full-name (Gecos Field). The unset form of the command sets user full-name (Gecos Field) to empty.
Syntax Description	user-id	The user
Syntax Description	full-name	The full name of the user
Default	N/A
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system aaa user test full-name "Test User"`
REST API	PATCH https://<ip>/nvue_v1/system/aaa/user/{user-id}
Related commands	nv show system aaa user nv set system aaa user
Notes

nv set/unset system aaa user state

	nv set system aaa user <user-id> state <enable \| disable> nv unset system aaa user <user-id> state Enables/disables the user account. The unset form of the command returns the user account state to its default state (enabled).
Syntax Description	user-id	The user
Default	Enabled
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system aaa user test state disabled`
REST API	PATCH https://<ip>/nvue_v1/system/aaa/user/{user-id}
Related commands	nv show system aaa user nv set system aaa user
Notes	Disabling a user account will terminate all user bash terminals.

nv set/unset system aaa user role

	nv set system aaa user <user-id> role <role-id> nv unset system aaa user <user-id> role Configures user role (capabilities). The unset form of the command return the user account role to its default (admin).
Syntax Description	user-id	The user
Syntax Description	role-id	The name of the role
Default	admin
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system aaa user test role monitor`
REST API	PATCH https://<ip>/nvue_v1/system/aaa/user/{user-id}
Related commands	nv show system aaa user nv show system aaa role nv set system aaa user
Notes

nv set/unset system aaa user password

	nv set system aaa user <user_id> password nv unset system aaa user <user_id> password Configures a login password in cleartext. The unset form of the command clears the user password for non-default users. For default users, the default password will be expired and must be reconfigured in the next login.
Syntax Description	user-id	The user
Syntax Description	password	A password for the user in string form. A string containing special Linux characters must be quoted or have the special characters escaped (i.e., add "\" before each special character). Examples: `pass\!word` `"pass!word"` A leading dot is a special case and it must be escaped even if it is quoted: Examples: `"\.password"` `\\.password`
Default	N/A
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system aaa user test "pa\!sswOrd" admin@nvos:~$ nv set system aaa user test Enter new password: Confirm password:`
REST API	PATCH https://<ip>/nvue_v1/system/aaa/user/{user-id}
Related commands	nv show system aaa user nv set system aaa user
Notes	If no password was specified, user will be prompted to configure the password. If password hardening is enabled, the new password must match all configured policies. A string containing special Liznux characters must be quoted or have the special characters escaped (i.e., add "\" before each special character). Examples: `pass\!word` `"pass!word"` A leading dot is a special case and it must be escaped even if it is quoted: Examples: `"\.password"` `\\.password` A password is required, therefore a password must be configured before applying new configurations.

nv set/unset system aaa user hashed-password

	nv set system aaa user <user-id> hashed-password nv unset system aaa user <user-id> hashed-password Configures a login password in encrypted format. The unset form of the command clears the user hashed-password.
Syntax Description	user-id	The user
Syntax Description	hashed-password	A password for the user in encrypted text. Special Linux characters must be escaped (add "\" before each special character).
Default	N/A
History	25.02.2xxx
Example	Copy Copied! `admin@nvos:~$ nv set system aaa user test password "\$y\$j9T\$YwHwJEhi5c2oCgNNVJZgR0\$TboB1DcoS2iGmneLa/9Y54hsAgq9milQKGYmmkRffJC"`
REST API	PATCH https://<ip>/nvue_v1/system/aaa/user/{user-id}
Related commands	nv show system aaa user nv set system aaa user nv set system aaa user password
Notes	If password hardening is enabled, hashed-password configuration will be blocked. Special Linux characters must be escaped (i.e., add "\" before each special character). A password is required, therefore a password must be configured before applying new configurations.

nv set/unset system aaa allow-reset-local-passwords state

	nv set system aaa allow-reset-local-passwords state <enabled \| disabled> nv unset system aaa allow-reset-local-passwords state Enables/disables the ability to reset local users' passwords upon long reboot press. The unset form of the command returns the state of feature to its default state (enabled).
Example	Copy Copied! `admin@nvos:~$ nv set system aaa allow-reset-local-passwords state disabled`
REST API	PATCH https://<ip>/nvue_v1/system/aaa/allow-reset-local-passwords
Related commands	nv show system aaa allow-reset-local-passwords
Notes

© Copyright 2024, NVIDIA. Last updated on Jan 8, 2025.