Secure Shell (SSH) in HP Systems Insight Manager 5.1 and 5.2

ManualsBrandsHP ManualsSoftwareHP Systems Insight Manager for Linux

Troubleshooting

Diagnostic tool to check SSH setup

The

mxagen

tconfig

tool can be used to check whether SSH on the target system is configured

properly to be used with HP SIM. This option verifies whether the SSH connection can be successfully

authenticated for the specified user using the HP SIM user public key and

host

based authentication

methods. If the authentication is successful, HP SIM is able to execute tools on the target system.

The syntax to use from the CMS platform is the following:

mxagentconfig

–

u username

–

n targetsystemname

Checklist to debug SSH

on Windows

The following checklist will help identify the cause of any problems you find with running SSH tasks on

Windows. Note that it is important you are running with the latest version of HP SIM and the latest

version of OpenSSH for HP SIM.

What u

ser name are tasks to run as?

This is a key question to answer, as this user must be configured for SSH access on the target

managed system. The user can be specified in the tool that is to be run, although some tools

run as the user signed into HP SIM.

The user is displayed on the

Task Results

page.

Tools supplied by HP SIM to run on Windows systems will specify the Administrator user.

These tools can run as an alternate user if the administrator has been renamed or disabled;

check the WindowsAdminUs

erName property to determine the user name to be used:

> mxglobalsettings

ld WindowsAdminUserName

WindowsAdminUserName = MyAdmin

Is this user name valid?

Check the operating system to ensure that the user from step 1 is a valid Windows account

that can lo

g into the target system.

Check the Administrators group of the target system to ensure that this user is a member

because only administrators can use the OpenSSH supplied by HP SIM.

Important:

Domain users must be explicit members of the local Adminis

trators group; the

OpenSSH supplied by HP SIM does not check membership of domain groups when

determining access permission.

Some tools supplied by HP SIM must run other tools as part of their operation. To do this, the

user must be a valid HP SIM user

with authorizations for the target systems. Check the HP

SIM authorizations to ensure that this user is a valid HP SIM user and has authorizations to

run tools on the CMS.