Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 5.20 for Dell PowerEdge M1000E
141142143144145146147148149150
Configure Public Key Authentication over SSH
You can configure up to 6 public keys that can be used with the service username over SSH interface. Before adding or deleting
public keys, be sure to use the view command to see what keys are already set up so that a key is not accidentally overwritten or
deleted. The service username is a special user account that can be used when accessing the CMC through SSH. When the PKA
over SSH is set up and used correctly, you need not enter username or passwords to log in to the CMC. This can be very useful to
set up automated scripts to perform various functions.
NOTE: There is no GUI support for managing this feature; you can only use RACADM.
When adding new public keys, ensure that the existing keys are not already at the index where the new key is added. CMC does not
perform checks to ensure previous keys are deleted before a new one is added. As soon as a new key is added, it is automatically in
effect as long as the SSH interface is enabled.
When using the public key comment section of the public key, remember that only the first 16 characters are utilized by the CMC.
The public key comment is used by the CMC to distinguish SSH users when using the RACADM getssninfo command since all
PKA users use the service username to log in.
For example, if two public keys are set up one with comment PC1 and one with comment PC2:
racadm getssninfo
Type User IP Address Login
Date/Time
SSH PC1 x.x.x.x 06/16/2009
09:00:00
SSH PC2 x.x.x.x 06/16/2009
09:00:00
For more information on the sshpkauth, see the Chassis Management Controller for Dell PowerEdge M1000e RACADM
Command Line Reference Guide
.
Related links
Generating Public Keys for Systems Running Windows
Generating Public Keys for Systems Running Linux
RACADM Syntax Notes for CMC
Viewing Public Keys
Adding Public Keys
Deleting Public Keys
Generating Public Keys for Systems Running Windows
Before adding an account, a public key is required from the system that accesses the CMC over SSH. There are two ways to
generate the public/private key pair: using PuTTY Key Generator application for clients running Windows or ssh-keygen CLI for
clients running Linux.
This section describes simple instructions to generate a public/private key pair for both applications. For additional or advanced
usage of these tools, see the application Help.
To use the PuTTY Key Generator to create the basic key for systems running Windows clients:
1. Start the application and select SSH-2 RSA for the type of key to generate (SSH-1 is not supported).
2. Enter the number of bits for the key. RSA key size should be between 2048 and 4096.
NOTE:
CMC may not display a message if you add keys less than 2048 or greater than 4096, but when you try to log in with
these keys, it fails.
CMC accepts RSA keys up to key strength 4096, but the recommended key strength is 2048.
3. Click Generate and move the mouse in the window as directed.
After the key is created, you can modify the key comment field.
You can also enter a passphrase to make the key secure. Ensure that you save the private key.
4. You have two options for using the public key:
149