HP StorageWorks Fabric OS 6.1.1 administrator guide (5697-0235, December 2009)

92 Configuring standard security features

Sample RSA/DSA key pair generation

alloweduser@mymachine: ssh-keygen -t dsa

Generating public/private dsa key pair.

Enter file in which to save the key (/users/alloweduser/.ssh/id_dsa):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /users/alloweduser/.ssh/id_dsa.

Your public key has been saved in /users/alloweduser/.ssh/id_dsa.pub.

The key fingerprint is:

32:9f:ae:b6:7f:7e:56:e4:b5:7a:21:f0:95:42:5c:d1 alloweduser@mymachine

5. Import the public key to the switch by logging in to the switch as the allowed-user and issuing the

following command to import the key:

sshUtil importpubkey

Respond to the prompts as follows:

Example: adding the public key to the switch

switch:alloweduser> sshutil importpubkey

Enter IP address:192.168.38.244

Enter remote directory:~auser/.ssh

Enter public key name(must have .pub suffix):id_dsa.pub

Enter login name:auser

Password:

Public key is imported successfully.

6. Generate a key pair for switch-to-host (outgoing) authentication by logging in to the switch as the

allowed user and issuing the following command:

sshUtil genkey

Enter a passphrase for additional security.

Example: generating a key pair on the switch

switch:alloweduser> sshutil genkey

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Key pair generated successfully.

7. Export the public key to the host by logging in to the switch as the allowed-user and issuing the

following command to export the key:

sshUtil exportpubkey

Respond to the prompts as follows:

IP Address Enter the IP address of the switch. IPv6 is supported by sshUtil.

Remote