Users Guide

ManualsBrandsDell ManualsComputer HardwarePowerEdge T630

131

132

133

134

135

136

137

138

139

140

tty10

tty11

ttyS1

Supported SSH cryptography schemes

To communicate with iDRAC using SSH protocol, it supports multiple cryptography schemes listed in the

following table.

Table 12. ssh cryptography schemes

Scheme Type Scheme

Asymmetric Cryptography Diffie-Hellman DSA/DSS 512-1024 (random) bits

per NIST specification

Symmetric Cryptography

• AES256-CBC

• RIJNDAEL256-CBC

• AES192-CBC

• RIJNDAEL192-CBC

• AES128-CBC

• RIJNDAEL128-CBC

• BLOWFISH-128-CBC

• 3DES-192-CBC

• ARCFOUR-128

Message Integrity

• HMAC-SHA1-160

• HMAC-SHA1-96

• HMAC-MD5-128

• HMAC-MD5-96

Authentication Password

PKA Authentication Public-private key pairs

Using public key authentication for SSH

iDRAC supports the Public Key Authentication (PKA) over SSH. This is a licensed feature. When the PKA

over SSH is set up and used correctly, you need not enter the user name or password while logging into

iDRAC. This is useful for setting up automated scripts that perform various functions. The uploaded keys

must be in RFC 4716 or openssh format. Else, you must convert the keys into that format.

In any scenario, a pair of private and public key must be generated on the management station. The

public key is uploaded to iDRAC local user and private key is used by the SSH client to establish the trust

relationship between the management station and iDRAC.

You can generate the public or private key pair using:

• PuTTY Key Generator application for clients running Windows

• ssh-keygen CLI for clients running Linux.

140