Manualshelf

HP StorageWorks Fabric OS 6.2 administrator guide (5697-0016, May 2009)

ManualsBrandsHP ManualsStorageHP 8/80 Base (48) Full Fabric Ports Enabled SAN Switch
101102103104105106107108109110
Fabric OS 6.2 administrator guide 107
switch:alloweduser> sshutil importpubkey
Enter IP address:192.168.38.244
Enter remote directory:~auser/.ssh
Enter public key name(must have .pub suffix):id_dsa.pub
Enter login name:auser
Password:
Public key is imported successfully.
6. Generate a key pair for switch-to-host (outgoing) authentication by logging in to the switch as the
allowed user and entering the following command:
sshUtil genkey
Enter a passphrase for additional security.
Example: Generating a key pair on the switch
switch:alloweduser>
sshutil genkey
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Key pair generated successfully.
7. Export the public key to the host by logging in to the switch as the allowed-user and entering the
following command to export the key:
sshUtil exportpubkey
Respond to the prompts as follows:
Example: Exporting a public key from the switch
switch:kghanta>
sshutil exportpubkey
Enter IP address:192.168.38.244
Enter remote directory:~auser/.ssh
Enter login name:auser
Password:
public key out_going.pub is exported successfully.
8. Log in to the remote host, locate the directory where authorized keys are stored, and append the public
key to the file.
You may need to see the host’s documentation to locate where the authorized keys are stored.
9. Test the setup by using a command that uses SCP and authentication, such as firmwareDownload or
configUpload.
Deleting keys on the switch
1. Log in to the switch as the allowed-user.
2. Use the sshUtil delprivkey command to delete the private key or use the sshUtil
delpubkeys command to delete all public keys.
For more information on IP Filter policies, see Chapter 4, ”Configuring advanced security features” on
page 117.
ip address Enter the IP address of the remote host. IPv6 is supported by
sshUtil.
remote
directory
Enter the path to the remote directory where the public key will be
stored.
login name Enter the name of the user granted access to the remote host.
password Enter the password for the remote host.