Secure Shell (SSH) in HP SIM

Introduction
This is an era of the security conscious IT administrator. User names and passwords are no longer passed in the clear over the intranet or Internet. Administrators try to provide secure access into managed systems so that only authorized users have access to our most sensitive information. In the past, Telnet was used to log in to a remote system and run commands that add, delete, and modify files. However, Telnet is not a secure method and does not protect network traffic.
There is a small, unassuming, yet robust solution, which is reasonably easy to use, inexpensive, and available for most of today’s operating systems. This solution is Secure Shell (SSH), which is not a shell at all but a secure remote access protocol. The SSH protocol provides security on the network, authentication, and data exchange with spoof protections and encryption.
HP SIM is a robust system management tool. Through use of the Distributed Task Facility (DTF) and SSH, HP SIM is able to securely log into remote systems on behalf of the HP SIM user of the central management server (CMS) to make modifications and additions and to run commands. HP SIM calls these processes tasks.
This white paper does the following:
Provides an overview of SSH and OpenSSH, which is an implementation of SSH
Demonstrates how SSH is used in HP SIM 6.x
Discusses some of the problems that can be encountered during its usage
Presents a recommended troubleshooting method when the SSH connection does not appear to be working
Some of the programs installed into HP SIM, called plug-ins, also use the capabilities of SSH, and mention is made of plug-ins where appropriate.
The custom commands and some command line tools (MSA) of HP SIM might require that SSH be installed and configured on the CMS. Other tools (SSA) require SSH on the managed system where they are to run. Refer to Appendix B: Tool examples for examples of the MSA and SSA tools.
This paper focuses on HP SIM version 6.x, which has a number of changes in SSH handling from previous versions. Additional white papers are available for earlier versions of HP SIM.
Why SSH?
SSH was selected to be used with HP SIM for the following reasons:
To provide a way to securely issue commands and copy files to remote systems
To provide secure authentication mechanisms
To encrypt all data sent over the wire, unlike the traditional UNIX® r services
To provide a popular, non-proprietary protocol
What is SSH
SSH is a protocol for secure remote access based on public key encryption. It provides a specification for conducting secure communications over the network. Communications to and from the remote system use the SSH protocol. This is conceptually similar to Secure Sockets Layer (SSL), which is another security protocol used in many internet communications such as Hypertext Transfer Protocol over Secure Socket Layer (HTTPS).
The SSH suite includes:
ssh program, which replaces rlogin and telnet