Table of Contents
Advertisement
OpenSSH key format
iLO legacy format
The iLO legacy format keys are OpenSSH keys surrounded by the BEGIN/END headers needed for
RIBCL.
This format must be one line between the BEGIN SSH KEY and END SSH KEY text.
CAC Smartcard Authentication
A common access card (CAC) is a United States Department of Defense (DoD) smartcard for multifactor
authentication. Common access cards are issued as standard identification for active-duty military
personnel, reserve personnel, civilian employees, non-DoD government employees, state employees of
the National Guard, and eligible contractor personnel. In addition to its use as an ID card, a common
access card is required for access to government buildings and computer networks.
Each CAC carries a smartcard certificate that must be associated with your local user account in the iLO
web interface. Upload and associate your smartcard certificate with your account by using the controls on
the Certificate Mappings page.
CAC authentication with LDAP directory support uses a service account to authenticate to the directory
service, and the user account must be present in the same domain as the configured directory server.
Additionally, the user account must be a direct member of the configured groups or extended schema
Roles. Cross-domain authentication and nested groups are not supported.
Two-factor authentication
Part of the requirement necessary to satisfy Federal Government Certification is two-factor authentication.
Two-factor authentication is the dual authentication of the CAC. For example, the CAC satisfies two-factor
authentication by mandating that you have the physical card and you know the PIN number associated
with the card. To support CAC authentication, your smartcard must be configured to require a PIN.
CAC Smartcard Authentication
241
Advertisement
Table of Contents
Troubleshooting
