Secure Shell (SSH) in HP Systems Insight Manager 5.1 and 5.2
29
You can run SSH with the
-
v to produce verbose output, which might help diagnose any
problems.
4.
Does the
known_hosts
file have a different host key for the target system?
A mismatched host key can be caused by reinstalling OpenSSH on the target system
, or can
indicate an imposter. By default HP SIM does not validate host keys, but this can be enabled
for more secure installations. You can remove a managed system from the HP SIM
known_hosts file using the
-
r option of mxagentconfig:
CMS> mxagentconfig
-
r
-
n blade0
8
Successfully unregistered from localhost
5.
Is OpenSSH configured to allow access from HP SIM?
Use the
Configure
Configure or Repair Agents
tool to configure SSH on the
managed system. Check the box to configure SSH access.
This tool sets up the passwd file and host or user public key authentication for the user name
specified in this task. Continue with the following steps to verify its operation.
6.
Is the user configured for SSH access?
Use mxagentconfig to con
figure the user name for remote access using user public key
authentication. Use
mxagentconfig
–
c
to verify the configuration.
CMS> mxagentconfig
-
c
–
n blade08
-
u myadmin
myadmin@blade08: success
If this fails, check the
authorized_keys2
file on the man
aged system in the .
ssh
subdirectory of appropriate home directory for the specified user, as specified in the
passwd
file; it should contain the public key from the CMS. See
mxagentconfig errors
. You can take
the following step
s to manually install user public keys:
a.
On a Windows CMS:
i.
Go to
C:
\
Program Files
\
HP
\
Systems Insight
Manager
\
config
\
sshtools
.
ii.
Enter the following:
copy .dtfSshKey.pub authorized_keys2
iii.
Log into the remote system and change to the user name’s home directory
(as
specified in the
passwd
file)
iv.
If not present, create an .
ssh
directory.