Command Line Help
If you have command line experience, you can troubleshoot your orchestrator installation or activation within a terminal window.
Command Line Resources
Your orchestrator installation comes with OpenSSL, Telnet, and the Vim text editor. OpenSSL and Telnet can help you test orchestrator connectivity or troubleshoot network issues. Vim is helpful if you need to edit files, for example if you need to configure a static IP.
Follow these links to learn more about each feature:
Use the following commands to troubleshoot an orchestrator using the command line:
systemctl start rapid7-orchestrator: start an orchestrator that is not currently running
systemctl stop rapid7-orchestrator: stop an orchestrator that is currently running
systemctl status rapid7-orchestrator: check on the status of an orchestrator
systemctl restart rapid7-orchestrator: stop and restart an orchestrator
sudo rapid7-orchestrator --print-activation: print the activation key for an orchestrator
To show an orchestrator version number, run
yum info rapid7-orchestrator.
Orchestrators and InsightConnect update automatically, but if you need to manually update an orchestrator, run
yum update rapid7-orchestrator to force an update.
These shortcuts make it easier for you to quickly manage an orchestrator without typing out the full command:
orch-logs: tails the orchestrator logs
orch-logs-err: tails the
orch-print-activation: prints the orchestrator activation key. If you can’t copy this from the command line, run
orch-print-activation > ~/activation.txtinstead and retrieve the file from the remote server to your local environment via SSH or SCP.
orch-start: starts the orchestrator service. This command is a shortcut for
systemctl start rapid7-orchestrator
orch-stop: stops the orchestrator service. This command is a shortcut for
systemctl stop rapid7-orchestrator
orch-restart: restarts the orchestrator service
orch-config: opens a vim editor for the orchestrator
To access your Orchestrator with SSH (secure shell):
- Find and record your IPv4 address for your VM (virtual machine) with the instructions in Find VM IPv4 address.
- From a remote console with network access to your VM, use a command-line shell to run
ssh rapid7@<ipaddress>with the IP address you recorded in Step 1.
- When prompted for a password, type
changeme. You should now have SSH access into the orchestrator VM.
- Change your password to something secure by running the
You can use these clients to secure shell (SSH) into your virtual machine (VM).
- Linux and MacOS: An SSH client is available natively on Linux and Mac OS operating systems.
- Windows: There are 2 great SSH client options for Windows: the native SSH client, usually available through Chocolatey, or Putty.
- Native SSH client: You can go to https://chocolatey.org/packages/openssh/ to install the native SSH client. With a native SSH client installed, you can open Powershell on Windows and connect to your orchestrator.
- Putty: You can go to https://www.putty.org/ to download Putty. Open Putty and enter the IP address or hostname for your orchestrator into the Hostname(or IP address) field, then click Open. When prompted for a username, enter rapid7.
Find VM IPv4 Address
To find your orchestrator virtual machine’s IPv4 address, follow the instructions for your virtual machine system.
- VMWare Workstation: Find and open the virtualization console window for your orchestrator machine, and run
ifconfigfrom the terminal. From the output, locate the value for
enp0s3. Your network interface name may vary; another common name it may be is
- VMWare Virtual Center: Your VM’s IP address is available in the VSphere web application in the ___ section. If you don’t have access to the VCenter VSphere web app, your network administrator for vcenter should be able to provide the IP address for the machine for you. See VMWare documentation for further assistance https://docs.vmware.com/en/VMware-vSphere/6.7/com.vmware.esxi.install.doc/GUID-8C70FB9B-D2AB-424E-BBBD-B77AC33C6EF8.html.
- AWS EC2: Use the public IPv4 address assigned to your Orchestrator EC2 instance. You can find this by visiting AWS documentation and following their provided instructions. https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-instance-addressing.html#working-with-ip-addresses.
Unique Network Settings
Every network is different, and your settings may require further configuration to successfully SSH into the orchestrator VM. Check with your IT team if:
- Following the previous steps results in any SSH error
- The ssh` command times out
You may need to check your firewalls, port forwarding settings, or set up SSH key pairs.
The virtualization service you use may also require different SSH settings. Visit these suggested resources to configure SSH for your virtualization service:
- SSH into Linux Instances in AWS EC2: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AccessingInstancesLinux.html
- SSH into Linux Instances in VMWare Workstations: https://docs.vmware.com/en/VMware-Workstation-Pro/15.0/com.vmware.ws.using.doc/GUID-1BCEF02D-D29F-492C-A69D-281B7D2DA9D2.html
- SSH Help for VMWare VCenter or VSphere: https://pubs.vmware.com/vsphere-51/index.jsp?topic=%2Fcom.vmware.vsphere.vcenterhost.doc%2FGUID-8DC793FF-1E00-43A1-B85C-070414B9F9B0.html