Unlocking the ThousandEyes Appliance
The ThousandEyes Virtual Appliance (VA) and Physical Appliance (PA) provide a limited number of administrative commands via the
sudo utility, when users access the command line using SSH as user thousandeyes. If greater control over the operating system and the ThousandEyes Agent software is required, the VA can be “unlocked”, which gives the thousandeyes user the ability to use any command via sudo.NOTE: Changes which require unlocking the Virtual Appliance will not be supported by ThousandEyes. A Virtual Appliance which becomes inaccessible, unstable or otherwise unusable after such changes will require reinstallation of the Virtual Appliance.
To unlock the Appliance, install the te-va-unlock package from the ThousandEyes APT repository (apt.thousandeyes.com). Installing the package is done from the command line of the Appliance. Access the command line via SSH. See the following articles to configure SSH access from your operating system:
Once you have accessed the Appliance via SSH, issue the following commands to install the package:
sudo apt-get update
sudo apt-get install te-va-unlock
The
te-va process will be restarted at the conclusion of the installation.An example of unlocking an Appliance is show below:
[email protected]:~$ sudo apt-get install te-va-unlock
Reading package lists... Done
Building dependency tree
Reading state information... Done
The following NEW packages will be installed:
te-va-unlock
0 upgraded, 1 newly installed, 0 to remove and 10 not upgraded.
Need to get 848 B of archives.
After this operation, 0 B of additional disk space will be used.
Get:1 http://apt.thousandeyes.com/ trusty/main te-va-unlock amd64 0.96-1~trusty [848 B]
Fetched 848 B in 0s (3405 B/s)
Selecting previously unselected package te-va-unlock.
(Reading database ... 37645 files and directories currently installed.)
Preparing to unpack .../te-va-unlock_0.96-1~trusty_amd64.deb ...
Unpacking te-va-unlock (0.96-1~trusty) ...
Setting up te-va-unlock (0.96-1~trusty) ...
te-va stop/waiting
te-va start/running, process 2599
An unlocked Appliance's web interface will display a red "Unlocked" icon, as shown in the image below. If the unlock process was run after logging into the Appliance's web interface, then log out and log back into the web interface to see the Unlocked icon.
The "thousandeyes" user account exists on the appliance to allow you to do limited troubleshooting. The appliance may be accessed via SSH after setting up SSH keys.
If more advanced troubleshooting is needed, ThousandEyes Support can, in conjunction with the customer, gain root access to the appliance using the "thousandeyes" user account password. The password hash is present on all ThousandEyes virtual appliances and is changed on a yearly basis. This password cannot be used for remote access to the appliance.