Junos OS

Hi,

why shell mode(root@%) is used in Junos CLI and what are the commands used in shell mode.

Regards,

Mohsin

Hello ,

Shell is mainly used for fetching the details from forwarding engine in Junos architecture . Normally there is no command from shell other than  file system commands . We need to either log into the operation Mode  ( root>  ) by typing cli  or log into the  vty based on the device .

Thanks for quick response.

I have read somewhere, that

Hi,

AFAIK, when you add a new user their home directory is created automatically, and I wasn't aware that there was a need to manually create each users home directory; although you can create additional directories etc., via the shell.

space@mySRX> start shell
% pwd
/cf/var/home/space
% mkdir myBackups
% exit
exit

space@mySRX> configure
Entering configuration mode

[edit]
space@mySRX# save myBackups/myConfig.cfg
Wrote 418 lines of configuration to 'myBackups/myConfig.cfg'

[edit]
space@mySRX# run file list myBackups/

/cf/var/home/space/myBackups/:
myConfig.cfg

[edit]
space@mySRX# 

Yes, you can mount/format a USB stick from the command line, have to admit that I forgot about that one, which is probably an indication of how frequently (or not) I perform that task.

A link in relation to KB article that covers this for an SRX is below:

https://kb.juniper.net/InfoCenter/index?page=content&id=KB22184&smlogin=true&actp=search

e.g.

space@mySRX> start shell 
% su 
Password:
root@mySRX% mount -t msdos /dev/da1s1 /mnt
root@mySRX% mkdir /mnt/myBackups
root@mySRX% cp /var/home/space/myBackups/myConfig.cfg /mnt/myBackups/.
root@mySRX% umount /mnt
root@mySRX% exit
exit
% exit
exit

space@mySRX> exit

Regards,

Andy

Junos OS is based on FreeBSD, and as such when you login to Junos OS as root, you commence at the FreeBSD shell prompt. 

As root, you can then jump into the JunOS CLI by entering the "cli" command.

For a non-root user the prompt is not typically the FreeBSD shell and is instead the CLI.  Although if they have sufficient permissions then those users can switch to the shell via the "start shell", "start shell sh" or "start shell csh" commands etc., although "sh" is really "bash".

You could also make a user default to ba"sh" or "csh" by setting the hidden configuration knob: 

system {
  login {
    class shell-user {
      permissions shell;
      allow-commands "show cli authorization";
    }
    user joe {
      class shell-user;
      shell sh;
      authentication {
        encrypted-password "yadda...yadda...yadda"; ## SECRET-DATA
      }
    }
  }
}

E.g.

login as: joe
Using keyboard-interactive authentication.
Password:
--- JUNOS 12.1X46-D40.2 built 2015-09-26 02:25:28 UTC
$ ps -p $$
  PID  TT  STAT      TIME COMMAND
19658  p2  Ss     0:00.09 -sh (sh)
$ cli
joe@somewhere> show cli authorization
Current user: 'joe         ' class 'shell-user'
Permissions:
    shell       -- Can start a local shell
Individual command authorization:
    Allow regular expression: show cli authorization
    Deny regular expression: none
    Allow configuration regular expression: none
    Deny configuration regular expression: none

joe@somewhere> exit
$ exit

As for commands that can be executed from within the shell, the list is long it's FreeBSD based after all;  although about the only reason I ever use the shell personally is to manually create op/commit/event scripts in the /var/db/scripts/.../ location using vi.  I'm sure that others have their reasons for accessing the shell too.

But even then that's normally if I'm troubleshooting a script, and need to make some changes on the fly, and to be honest about the only time I ever login as root as to manually setup a new device, and even then that is automated wherever possible/pratical and root/shell access is still kept to an absolute bare minimum.

HTH.

Regards,

Andy