Step 1: Log In to the CBH System
Scenarios
You can log in to your CBH system through a web browser or an SSH client.
- Web browser login: System management and resource O&M are available. Using a web browser is recommended for system administrator admin or administrators for system management and authorization auditing.
- SSH client login: O&M personnel can use an SSL client to directly log in to the authorized resources for O&M without having to change their login methods.
Prerequisites
- A CBH instance has been purchased and is in the Running state. The CBH system is within the authorization period.
- You have obtained the address and credentials for logging in to the CBH system.
Logging In to a CBH System from a Web Browser
- Enter the IP address of the CBH system in the address box of your browser to access the login page.
If a browser incompatible with the CBH system is used, the login verification message may fail to be sent to you, or exceptions may occur after the login. You are advised to use the recommended browsers. For details, see Table 1.
- Select a login authentication method as shown in Figure 1.
- Multi-factor authentication can be configured for all system users. Apart from the password authentication, you can enable SMS, OTP, USBKey, and/or OTP token. For details, see User Management.
- After multi-factor authentication is configured, Password authentication becomes invalid.
Table 2 Web browser login verification Authentication Method
Login Description
Configuration Description
Password
Enter the username and password for logging in to the CBH system.
Default login mode.
- The login passwords in the AD, RADIUS, and LDAP authentication are the user passwords of the remote server. For details, see System Configuration.
SMS
Enter the username and password for logging in to the CBH system, click Get Code, and enter the SMS verification code you receive.
An available phone number has been configured for the account.
OTP
Enter the username and password for logging in to the CBH system, and enter the mobile phone one-time password (OTP), which changes periodically.
NOTE:Ensure that your CBH system time is the same as the mobile phone time (accurate to the second). Otherwise, a message indicating that the verification code is incorrect will be reported.
You need to bind your account to a mobile OTP and contact the administrator to configure multi-factor authentication. For details, see Mobile OTP
USBKey
Insert and select an issued USB key and enter the corresponding PIN.
You need to obtain an issued USB key. For details, see Issuing a USBKey.
OTP token
Enter the username and password for logging in to the CBH system, and enter the dynamic password of the OTP, which changes periodically.
You need to obtain an issued OTP token. For details, see Issuing an OTP Token.
- Click Login to log in to the CBH system for O&M.
- The admin user is a system administrator account that is used to log in to the CBH system for the first. The admin account has the highest level of authority. Permissions for the admin account cannot be modified. Keep the account information secure.
- After logging in to the CBH system for the first time, all users need to change the passwords and configure the phone number as prompted. Otherwise, the system cannot be further loaded. The phone number can be changed on the Profile page in the Dashboard module.
Login Using an SSH Client
After obtaining the required permissions for authorized resources, users can log in to the CBH system through the SSH client for O&M.
- Resources that can be managed using an SSH client includes hosts configured with the SSH, Telnet, or Rlogin protocols.
- SecureCRT 8.0 or later and Xshell 5 or later are recommended.
- Start the local SSH client tool and choose File > New to create a user session.
- Run the command as follows to configure a session connection, for example, ssh admin@10.10.10 2222:
Protocol type User login name@CBH login IP address Port number
- Authenticate user identities.
When an SSH client is used for establishing connections, you can use Password, SSH Pubkey, SMS, Mobile OTP, and/or OTP Token authentication.
To enable SMS, Mobile OTP, or OTP token authentication, you need to configure multi-factor authentication. For details, see User Management.Table 3 SSH client login authentication Authentication Method
Login Description
Configuration Description
Password
Enter the username and password to log in to the CBH system.
Default login mode.
- The login passwords in the AD, RADIUS, and LDAP authentication are the user passwords of the remote server. For details, see System Configuration.
SSH Pubkey
Enter the key and password of the SSH public key of the account for login.
After the authentication is successful, the user can use the SSL client to log in to the CBH system without having to enter a password.
Configure SSH Pubkey on the Profile page in the Dashboard module.
SMS
After the Password or SSH PubKey login is authenticated, select SMS and enter the verification code.
Configure an available phone number for the account first.
Mobile OTP
After the Password or SSH Pubkey login is authenticated, select Mobile OTP and enter the verification code.
NOTE:Ensure that your CBH system time is the same as the mobile phone time (accurate to the second). Otherwise, a message indicating that the verification code is incorrect will be reported.
Bind your account to a mobile OTP and contact the administrator to configure multi-factor authentication. For details, see Mobile OTP
OTP token
After the Password or SSH Pubkey login is authenticated, select OTP token and enter the verification code.
Obtain an issued OTP token. For details, see Issuing an OTP Token.
- After logging in to the CBH system, you can view system information and start O&M operations.
Last Article: Before You Start
Next Article: Step 2: Create a CBH System User
Did this article solve your problem?
Thank you for your score!Your feedback would help us improve the website.