Secure Shell (SSH) in HP SIM
File type
HP
-
UX
Linux
Windows
Public key
authentication
authorized_keys2
$HOME/<usr>/.ssh
$HOME/<usr>/.ssh
C:
\
Documents and
Settings
\
<usr>
\
.ssh or
C:
\
Documents and
Settings
\
hpsimssh
\
.ssh
Host authentication
ssh_known_hosts
and shosts.equiv
/etc/opt/ssh/
/etc/ssh/
C:
\
Program Files
\
OpenSSH
\
etc
CMS client ssh keys
.dtfSshKey and
.dtfSshKey.pub
/etc/opt/mx/config
/sshtools/
(hidden files)
etc
/opt/mx/config/ssht
ools/
(hidden files)
C:
\
Program Files
\
HP
\
Systems
Insight Manager
\
config
\
sshtools
\
known_hosts ( for
HP Systems Insight
Manager)
/etc/opt/mx/config
/ sshtools/
/etc/opt/mx/config/ssh
tools/
C:
\
Program Files
\
HP
\
Systems
Insight Manager
\
co
nfig
\
sshtools
\
Known_hosts
You can locate t
he list of known host keys in the file
known_hosts
file
.
The file
contains the public
host keys of the SSH servers that are trusted by the SSH client and HP SIM. Note that, by default, HP
SIM does not require h
ost keys to match the entries in the known_hosts file.
Here is an example of a
known_hosts
file displaying two entries:
192.103.1.21 ssh
-
dss
AAAAB3NzaC1kc3MAAACBAM8yDS/qQI8pqwavOcXat4ygJFSsX1SNqXvW7sKzYrYF0k1
wk9LyUyHdnTVI8MRRQYZpOsR+UFqhHz2/emADlNSvlL2mH
td5yUbz/QKWT6ikAX7lxe
Pg1HtcDvFfLoPG8k0uENvQgb1Exfzbdf9+CpoyG0QFnrWns+xYzBW3FbpXAAAAFQCHO
IKdwA0A1qNNHPKbbCCnzOg3+wAAAIAeGMN7NuaR72bHGe9pgBd9vBh3MX/Jdh8aptFR
Tl0cj4U/0aMa5WU4z/dL9N/8/GmgGxHr1VAJjF4TaIyC0HsM7/t16TunDHr9OFddsWg
RCP3UBA28xwLI/enCuORTwcyW0M+SMMOPc
PgDd74OOGN+gK107sSstMNn9ooOAGnw5A
AAAIBQwoqfiDV6Zmp+v0XO+TWr12Hta2u8ZeeWfoM1ZeQnSUyRuv0Cf1vcUFS6BeFlI
X+b7+zqtZfFP3xQTgMHk7Uf3t1NJHBSr9kI4Te3Mdj2WLClcMnEMPPqoa5w5+5GGGBC
+zPqT2t6ZZ8rqo3Hf8vJwUZvQfZrrWi5hGQa6/snnA==
Ovpc129.rse.hp.com,192.87.137.243 ssh
-
dss
AA
AAB3NzaC1kc3MAAACBALuFgiIFPeNLJw7o4/wup7Qal8qZSRJWVe/oZb7BR9haLA9
oc5yhDv07a1xHgyAzkg3ghdoVk70QbMye44DTP4VHPzM1CQ4jSVRC8+l9sPvMPlCfAl
am66c15GInVytqExcD5zTu1wSp44oJne0yFJ9XcGLcNGP+x4wa7D2C3Mr/AAAAFQDDV
P1Kn8pJMvbq46/T86T1uMZ0QQAAAIEAk/qa4eyxlmWoPO2GxEPv9+LP1K
NM2YzfZuJF
AgV6XWTbaEHYh8uDsgpjddTDi4Yu49u5xIdS1+bFjb72WQKZj46EH4BTddUNTUYVHUp
kGgwJDB8ie+jJCkqJg8wJexDJquK+EGAYYkitLpUoVUHKTFxXiX4DxfK7cv+IDZ7UAJ
AAAACAcK7VcmEBCqcgGNJXhsj1laM1ujDfxXgCzXjMdotMkib8Ye1vp3hc2MuN6BVz7
OeJTsopFTEj2J86SoT9zIl9qPO/rm3FrCIm/8VuDVezcp
VIS7TyrSQWbdQwVmeAJX/u
TIJB48suUDrjlF/bsUfM1naU/kZFSwnMo09Pa+mJ/uI=
Note:
There can be more than one key for a system in the known_hosts file. It can
be listed by IP address, short DNS name
,
or
fully qualified DNS name.
Only the first key identified during
the transaction is read. If incorrect, the
connection is rejected.
Client Public Key Authentication
For public key client authentication as used by HP SIM, a key pair is created and stored in the
C:
\
Program Files
\
HP
\
Systems Insight Manager
\
config
\
sshtools
directory. The
private key never leaves the client. It is used during authentication to decode messages that the
remote SSH server encodes with the matching public key. The public key is not used by the SSH
client. It is stored here so that it can be copi
ed to remote systems. The public key is appended to the
authorized_keys2
file for a given user on the remote managed system. This is the list of keys that
is checked by the SSH server when a remote login is being requested using public key authentication.