Below is the procedure you need to follow to login to shell of a branch which has “shell lockout” enabled.

 

On the Branch

 

While accessing shell of a branch which has “shell lockout” enabled  you will see the below prompt – you will notice the system time being displayed along with a long string identifier

 

 

The time is of significance because we using “Time-based OTP”

 

On the GenOTP server

 

Copy the “time” from the branch and set it on the GenOTP server (use the UTC time highlighted by the arrow above)

 

 

Execute genotp bin with the “string identifier” obtained from the branch

 

 

 

GenOTP servers

 

You can access the below servers to execute genotp

 

 

10.192.121.129 (versa/versa123)

 

versa@ubuntu:~$ cd /home/versa/build/usr/sbin/vmod

 

versa@ubuntu:~/build/usr/sbin/vmod$ pwd

/home/versa/build/usr/sbin/vmod

 

versa@ubuntu:~/build/usr/sbin/vmod$ sudo ./genotp MNQTKMDFGA2WKLJVMU4DCLJRGFSWGLJZGYZTALJVGI2TIMBQGMYTSOJUGIWWC3TJGEZDG===

OTP: 033550

 

10.192.34.128 (versa/versa123)

 

versa@gourav:~/build/usr/sbin/vmod$ pwd

/home/versa/build/usr/sbin/vmod

 

versa@gourav:~/build/usr/sbin/vmod$ sudo ./genotp MNQTKMDFGA2WKLJVMU4DCLJRGFSWGLJZGYZTALJVGI2TIMBQGMYTSOJUGIWWC3TJGEZDG===

OTP: 261708

 

10.192.215.1  (versa/versa123)

 

versa@Senthil:~$ cd /home/versa/genotp/build/usr/sbin/vmod

 

versa@Senthil:~/genotp/build/usr/sbin/vmod$ sudo ./genotp MNQTKMDFGA2WKLJVMU4DCLJRGFSWGLJZGYZTALJVGI2TIMBQGMYTSOJUGIWWC3TJGEZDG===

OTP: 149828

 

 

Note: Please make sure you set the time using the below command using the time from the branch before executing the genotp bin, because we use “time based otp” the time on the branch has to be in sync with the time on the server

 

versa@ubuntu:~/build/usr/sbin/vmod$ sudo date -s "Tue 2022-09-13 04:36:38 UTC"

Tue Sep 13 10:06:38 IST 2022

 

Note that “ntp” is disabled on these servers so that you can set the time (using “date -s” as mentioned above) after copying the time from the branch which is displayed when you access “shell” from cli

 

versa@ubuntu:~/build/usr/sbin/vmod$ sudo date -s "Tue 2022-09-13 04:36:38 UTC"

Tue Sep 13 10:06:38 IST 2022

 

 

Miscellaneous

 

Shell lockout is enabled (by the customer) using the below command (on cli)

 

request system shell lockout secret <secret-key> timeout <seconds>               (secret-key is only known to the customer)

 

To disable shell lockout, use the below

 

request system shell enable secret <secret-key>