Table 23. Cryptography Schemes

Scheme Type

Scheme

 

 

Asymmetric Cryptography

Diffie-Hellman DSA/DSS 512–1024 (random) bits per NIST

 

specification

Symmetric Cryptography

AES256-CBC

 

RIJNDAEL256-CBC

 

AES192-CBC

 

RIJNDAEL192-CBC

 

AES128-CBC

 

RIJNDAEL128-CBC

 

BLOWFISH-128-CBC

 

3DES-192-CBC

 

ARCFOUR-128

Message Integrity

HMAC-SHA1-160

 

HMAC-SHA1-96

 

HMAC-MD5-128

 

HMAC-MD5-96

Authentication

Password

Configure Public Key Authentication Over SSH

You can configure up to six public keys that can be used with the service username over an SSH interface. Before adding or deleting public keys, make sure to use the view command to see what keys are already set up, so that a key is not accidentally overwritten or deleted. The service username is a special user account that can be used when accessing the CMC through SSH. When the PKA over SSH is set up and used correctly, you need not enter username or passwords to log in to the CMC. This can be very useful to set up automated scripts to perform various functions.

NOTE: There is no GUI support for managing this feature, you can use only the RACADM.

When adding new public keys, make sure that the existing keys are not already at the index, where the new key is added. CMC does not perform checks to ensure previous keys are deleted before a new one is added. As soon as a new key is added, it is automatically in effect as long as the SSH interface is enabled.

When using the public key comment section of the public key, remember that only the first 16 characters are utilized by the CMC. The public key comment is used by the CMC to distinguish SSH users when using the RACADM getssninfo command, because all the PKA users use the service username to log in.

For example, if two public keys are set up one with comment PC1 and one with comment PC2:

racadm getssninfo

IP Address

Login

Type

User

Date/Time

PC1

x.x.x.x

06/16/2009

SSH

09:00:00

PC2

x.x.x.x

06/16/2009

SSH

09:00:00

 

 

 

151

Page 151
Image 151
Dell 2 manual Configure Public Key Authentication Over SSH, Racadm getssninfo IP Address Login Type User Date/Time, 090000