HP 3PAR Command Line Interface Administrator's Manual: HP 3PAR OS 3.1.2 (QR482-96525, September 2013)

CAUTION: For security purposes, the file containing the private key must be protected from
unauthorized access. Failure to protect the file can cause the key to be compromised.
CAUTION: If the system is operating in Common Criteria mode, LDAP users must not use a public
key. For more information about Common Criteria, see the HP 3PAR Common Criteria
Administrator’s Reference.
The public key must be stored on the system using the setsshkey command to enable users
to log in without a password.
The private key must be kept in a file accessible by scripts that use CLI commands.
The key pair is generated by using the ssh–keygen utility (typically included in an SSH client
software package and available on UNIX and Windows platforms).
NOTE: The following screen examples show output for UNIX systems. Windows screens are
simlar, with DOS prompts replacing UNIX prompts.
The following steps describe setting up CLI scripting through SSH:
1. Create a CLI user and password using the createuser command.
$ssh user1@system1
3paradms password: ******
system1 cli% createuser c testpw3 user3 all browse
User created
In the previous example, user user1 logs into system system1 and creates user user3 with
the password testpw3.
2. Create a key pair using the ssh–keygen utility. Both rsa and dsa key formats are supported
by the system, and the recommended key length is at least 1024 characters.
NOTE: For additional information about the ssh–keygen utility and rsa and dsa key formats,
consult the SSH client documentation.
To create a key pair using rsa format:
$ sshkeygen b 1024 t rsa
To create a key pair using dsa format:
$ sshkeygen b 1024 t dsa
Generating public/private dsa key pair.
Enter file in which to save the key (/home/usr/user3/.ssh/id_dsa):
Created directory '/home/usr/user3/.ssh'.
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/usr/user3/.ssh/id_dsa.
Your public key has been saved in /home/usr/user3/.ssh/id_dsa.pub.
The key fingerprint is:
3f:a0:b5:6a:4d:dd:45:76:37:fb:a3:3e:52:44:55:32 user3@3pardata.com
SSH 55