Configure Public Key Authentication Over Ssh - Dell PowerEdge VRTX User Manual

Chassis management controller version 1.0 for dell poweredge vrtx user's guide

Hide thumbs Also See for PowerEdge VRTX:

Reference manual (931 pages)

Owner's manual (159 pages)

Technical manual (45 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

Table of Contents

Scheme Type

Message Integrity

Authentication

Configure Public Key Authentication Over SSH

You can configure up to six public keys that can be used with the service username over an SSH interface. Before

adding or deleting public keys, make sure to use the view command to see what keys are already set up, so that a key

is not accidentally overwritten or deleted. The service username is a special user account that can be used when

accessing the CMC through SSH. When the PKA over SSH is set up and used correctly, you need not enter username or

passwords to log in to the CMC. This can be very useful to set up automated scripts to perform various functions.

NOTE: There is no GUI support for managing this feature, you can use only the RACADM.

When adding new public keys, make sure that the existing keys are not already at the index, where the new key is

added. CMC does not perform checks to ensure previous keys are deleted before a new one is added. As soon as a new

key is added, it is automatically in effect as long as the SSH interface is enabled.

When using the public key comment section of the public key, remember that only the first 16 characters are utilized by

the CMC. The public key comment is used by the CMC to distinguish SSH users when using the RACADM getssninfo

command, because all the PKA users use the service username to log in.

For example, if two public keys are set up one with comment PC1 and one with comment PC2:

racadm getssninfo

Type

User

IP Address

Date/Time

SSH

PC1

x.x.x.x

09:00:00

SSH

PC2

x.x.x.x

09:00:00

For more information about the sshpkauth, see the

Command Line Reference Guide .

Generating Public Keys for Systems Running Windows

Before adding an account, a public key is required from the system that accesses the CMC over SSH. There are two

ways to generate the public/private key pair: using PuTTY Key Generator application for clients running Windows or ssh-

keygen CLI for clients running Linux.

This section describes simple instructions to generate a public/private key pair for both applications. For additional or

advanced usage of these tools, see the application Help.

To use the PuTTY Key Generator to create a basic key for clients running Windows:

Start the application and select SSH-2 RSA or SSH-2 DSA for the type of key to generate (SSH-1 is not supported).

Enter the number of bits for the key. The number should be between 768 and 4096.

NOTE: CMC may not display a message if you add keys less than 768 or greater than 4096, but when you try to

Scheme

•

ARCFOUR-128

•

HMAC-SHA1-160

•

HMAC-SHA1-96

•

HMAC-MD5-128

•

HMAC-MD5-96

Password

06/16/2009

Chassis Management Controller for PowerEdge VRTX RACADM

125

Table of Contents

Show Quick Links

Quick Links:
Chassis Overview

Hide quick links:

Table of Contents

Configure Public Key Authentication Over Ssh - Dell PowerEdge VRTX User Manual

Configure Public Key Authentication Over SSH

Hide quick links:

Troubleshooting

Related Manuals for Dell PowerEdge VRTX

Related Content for Dell PowerEdge VRTX

Table of Contents