HP SIM V5.1 User Guide (356920-009, January 2007)
HP Systems Insight Manager (HP SIM) provides the following SSH key configuration options:
• Select secure shell public keys security level Select Options→Security→SSH Keys.
• Importing SSH keys Select Options→Security→SSH Keys, select the SSH Key to be imported,
and click Import.
• ExportingSSH keys Select Options→Security→SSH Keys, select the SSH Key to be exported, and
click Export.
• Deleting SSH keys Select Options→Security→SSH Keys, select the SSH Key to be deleted, and
click Delete.
Related procedures
• Importing an SSH key
• Exporting an SSH key
• Deleting an SSH key
• Configuring SSH key security
Configuring SSH key security
Configuring the
Secure Shell
(SSH) key security level enables you to specify the level of security on the
Central
Management Server
(CMS).
To configure the SSH key security level on the CMS:
1. Select Options→Security→SSH Keys. The SSH Keys page appears.
Under Select managed systems SSH public key behavior, the following options are available:
• The Central Management Server saves the key sent the first time an SSH connection is made.
• The Central Management Server accepts an SSH connection with any key, even if not in the list
below.
This option is selected by default.
This option causes all connections to the host to be accepted, even when the SSH key has changed.
The known_hosts file is disabled and updated to reflect the new key.
Note: This option provides no protection against man-in-middle attacks.
• The Central Management Server accepts an SSH connection only if the key is in the list below
This option requires the SSH key to appear in the Managed Systems SSH Public Keys list.
Note: HP recommends this option because it is the most secure.
2. Click OK. The setting is saved.
Note: Alternately, you can set the property value for MX_SSH_ADD_UNKNOWN_HOSTS, in mx.properties
file, to either ALWAYS, NEVER, or FIRST TIME. Restart the HP SIM service for the setting to take effect.
Related procedures
• Importing an SSH key
• Exporting an SSH key
• Deleting an SSH key
Related topic
▲ Managing SSH keys
Importing an SSH key
Importing a
Secure Shell
(SSH) key list enables the
Central Management Server
(CMS) to authenticate a
secure connection and execute commands on managed systems. Multiple SSH keys are imported from one
file, and each SSH key appears on a line and is associated with a host system.
Managing SSH keys 515