Managing the Portal from a Restricted Shell
  • 13 Aug 2023
  • 3 Minutes to read
  • Dark
  • PDF

Managing the Portal from a Restricted Shell

  • Dark
  • PDF

Article Summary

All Platforms Except AWS

To configure the restricted shell:

  1. Generate both a private and public SSH key (.ppk) for the admin user.
  2. Open a SSH session to the CTERA Portal instance and log in as the root user.
  3. Run the following command to enable SSH key access to the portal: public_sshkey_chain
    where public_sshkey_chain is the public SSH key generated for the admin user.

    In a separate SSH session use the private key file generated for the admin user to open the session, and verify that you can log in to the portal as the admin user.
    In a separate SSH session, verify that you cannot log in to the portal as the root user.
    When the portal is configured with multiple servers, for high availability, you need the private SSH Key when accessing any of the servers.

To disable the restricted shell:

  • Run the following command to disable root access and enable the restricted shell: DISABLE


When the CTERA Portal is installed on an AWS platform, access to the portal shell is, by default, limited to a restricted shell with a set of commands to manage the portal. The root user is disabled and a sudo superuser is authorized instead to perform portal related operations.


Users who require additional shell functionality can access the full Linux shell from the restricted shell, if required.

All Platforms

The following operations are provided with the restricted shell:

  • Display command help
  • Stop/start/restart portal services
  • Display the portal status
  • Shutdown/reboot the server instance
  • Display the application/database/image log file
  • Create/extend/destroy portal storage
  • Turn on/off root access to the server
  • Enable/disable support access
  • Terminate the restricted shell session

Logging In to the Restricted Shell

Open a SSH session to the CTERA Portal instance and log in with the admin user.

Getting Help

Enter Help to display the available commands, described in CTERA Portal Restricted Shell Commands.

To get help for commands that require an argument, enter the command. For example, typing storage displays the syntax for the storage command.


Entering a command that does not require an argument, immediately executes that command.

CTERA Portal Restricted Shell Commands

The following shell commands are available:
elevate – The user has root access. A string is returned which is entered in the machine to elevate to enable the user to perform additional actions as a sudo user. Root access is granted for 24 hours, after which time the root session automatically ends.
elevate off – The root session ends.
help – Display details of the available shell commands.
portal – Perform a specific option on the portal. The options are:
start – Start the portal service.
stop – Stop the portal service.
restart – Restart
the portal service.
status – Display the portal status, including the status of the database and Tomcat services, the portal status and the percentage of storage used.
quit – End the shell session.
show – Show the specified log file. The options are:
db-log – Display the database log.
application-log – Display the application log.
image-log – Display the CTERA portal log.
Quit the display by entering Ctrl-C.
shutdown – Shutdown the virtual machine running the CTERA Portal.
storage – Options to manage portal storage. The options are:
create_storage – Add a volume to the CTERA portal, to create a data pool.
extend_storage – Add a volume to the CTERA portal data pool.
destroy_storage – Remove a volume from the CTERA portal data pool.
create_db_archive_pool – Create a copy of the CTERA portal data pool, to use for disaster recovery.
extend_db_archive_pool – Add a volume to the archive CTERA portal data pool, used for disaster recovery.
destroy_db_archive_pool – Remove a volume from the archive CTERA portal data pool, used for disaster recovery.
support – For use with CTERA support to enable remote access by support personnel to help resolve problems. The options are:
enable – Enable remote access by CTERA support.
disable – Disable remote access by CTERA support.


For portal management tasks that require root access, first run ‘elevate‘

Was this article helpful?


Eddy, a super-smart generative AI, opening up ways to have tailored queries and responses