Please note that this capability is experimental and can be subject of significant changes.
FastNetMon Advanced provides capability to expose command line configuration tool fcli via ssh protocol without using system ssh server.
Such approach offers better security as it provides access only for FastNetMon specific configuration options and does not provide access to filesystem at all.
FastNetMon ssh shell does not use Linux access control and you can control it completely independent way.
To enable this capability please use at least version 2.0.351.
As very first step we need to create systemd service unit for FastNetMon ssh shell:
sudo vim /lib/systemd/system/fastnetmon_ssh_shell.service
Then put following content:
[Unit] Description=FastNetMon Advanced web API gateway After=network.target remote-fs.target [Service] Type=simple Environment=SSH_SERVER_MODE=on ExecStart=/opt/fastnetmon/app/bin/fcli Restart=on-failure RestartSec=5s [Install] WantedBy=multi-user.target
By default, it will use port 2222 but you can change it using environment variable SSH_SERVER_PORT.
Then you need to put your public ssh key in same format as for ~/.ssh/authorized_keys to /etc/fastnetmon/authorized_keys. You can put only single key here.
Then start service:
sudo systemctl restart fastnetmon_ssh_shell
Enable auto start on machine boot:
sudo systemctl enable fastnetmon_ssh_shell
Check that service is up and running:
sudo systemctl status fastnetmon_ssh_shell
After that you can access fcli interface via ssh in non interactive way:
ssh flab1 -p2222 fcli show license Production license for 10000 mbits valid until 2023-10-17
Or using interactive fcli console:
ssh flab1 -p2222 fcli>
Where you can run any commands in interactive shell session:
fcli> show license Production license for 10000 mbits valid until 2023-10-17
This interface provides exactly same commands as regular fcli.