Manuals / Brands / TV and Video / Universal Remote / Fujitsu / TV and Video / Universal Remote

Fujitsu IRMC S2/S3 4.3.3 SSHv2 public key authentication for iRMC S2/S3 users

1 426

Download 426 pages, 8.34 Mb

72 iRMC S2/S3

Local user management for the iRMC S2/S3

4.3.3 SSHv2 public key authentication for iRMC S2/S3

users

In addition to authentication by means of a user name and password, the

iRMC S2/S3 also supports SSHv2-based public key authentication using pairs

of public and private keys for local users. To implement SSHv2 public key

authentication, the SSHv2 key of an iRMC S2/S3 user is uploaded to the

iRMC S2/S3 and the iRMC S2/S3 user uses their private key with the program

PuTTY or the OpenSSH client program ssh, for example.

The iRMC S2/S3 supports the following types of public keys:

– SSH DSS (minimum requirement)

– SSH RSA (recommended)

The public SSHv2 keys that you upload to the iRMC S2/S3 can be available

either in RFC4716 format or in OpenSSH format (see page 84).

Public key authentication

In outline, public key authentication of a user on the iRMC S2/S3 happens as

follows:

The user who wishes to log into the iRMC S2/S3 creates the key pair:

– The private key is read-protected and remains on the user's computer.

– The user (or administrator) uploads the public key to the iRMC S2/S3.

If the configuration allows this, the user can now log into the iRMC S2/S3

extremely securely and without the need to enter a password. The user is only

responsible for keeping their private key secret.

The following steps are necessary to set up private key authentication. They are

described in the subsequent sections:

1. Creating the public and private SSHv2 keys with the program PuTTYgen or

ssh-keygen and saving them in separate files (see page 73).

2. Loading the public SSHv2 key onto the iRMC S2/S3 from a file

(see page 77).

3. Configuring the program PuTTY or ssh for SSHv2 access to the iRMC S2/S3

(see page 79).

Contents

Main Page Contents Page Page Page Page Page Page Page 1 Preface 1.1 Purpose and target groups of the manual 1.2 Functions of the iRMC S2/S3 (overview) Page Page Page Page Page 1.3 Communication interfaces of the 1.4 Communication protocols used by the I 1.5 IPMI - technical background Page Page Page Page I Page Page 1.6 DCMI (Data Center Management Interface) 1.7 Changes since the previous versions of the manual Page Page 1.8 ServerView Suite link collection I 1.9 Documentation for ServerView Suite 1.10 Notational conventions V I Page 2 Logging on to the iRMC S2/S3 for the first time 2.1 Requirements 2.2 iRMC S2/S3 factory defaults I 2.3 Logging into the iRMC S2/S3 web interface I Page 3 Configuring the iRMC S2/S3 3.1 Configuring the LAN interface of the I 3.1.1 Prerequisites I (2) (1) 3.1.2 Configuring the LAN interface: Configuration tools 3.1.3 Configuring the LAN interface using the BIOS / TrustedCore / UEFI setup utility Page Page I 3.1.4 Testing the LAN interface 3.2 Configuring text console redirection via LAN using the BIOS / TrustedCore / UEFI setup utility I 3.2.1 Configuring text console redirection for the iRMC S2 I Page Page Page Page 3.2.3 Using console redirection while the operating system is running I Page Page 3.3.1 Configuring the serial interface of the iRMC S2 Page Page Page 3.3.3 Using the Remote Manager (Serial) interface 3.4 Configuring the iRMC S2/S3 over the iRMC S2/S3 web interface 3.4.1 Configuring the LAN parameters 3.4.2 Configuring alerting 3.4.3 Configuring text console redirection 4 User management for the iRMC S2/S3 I 4.1 User management concept for the I 4.2 User permissions I 4.3 Local user management for the iRMC S2/S3 4.3.1 Local user management using the iRMC S2/S3 web interface I 4.3.2 Local user management via the Server Configuration Manager I 4.3.3 SSHv2 public key authentication for iRMC S2/S3 users Page Page Page Page Page Page Page Page Page Page I Page 5 Advanced Video Redirection (AVR) I 5.1 Requirements: Check the AVR settings I 5.2 Using AVR 5.2.1 Using a low bandwidth 5.2.2 Parallel AVR sessions 5.2.3 Local Monitor Off" function 5.2.4 Redirecting the keyboard Page 5.2.5 Redirecting the mouse I (3) (1) (2) Page Page Page Page I Page 5.3 Menus of the AVR window 5.3.1 Extras menu Page I 5.3.2 Remote Storage menu 5.3.3 Power Control menu 5.3.4 Languages menu 5.3.5 Preferences menu I Page 6Remote Storage I 6.1 Providing remote storage at the remote workstation I 6.1.1 Starting Remote Storage I Page 6.1.2 Provision of storage media for emote Storage I Page Page 6.1.3 Connecting storage media as remote storage Page I Page 6.1.4 Clearing Remote Storage connections I 6.1.5 Removing the storage medium 6.2 Providing remote storage via a Remote Storage server I 6.2.1 Installing the Remote Storage server 6.2.2 Remote Storage server execution modes Page Page Page I Page 7 iRMC S2/S3 web interface I 7.1 Logging into the iRMC S2/S3 web interface I 138 7.2 Required user permissions Page Page Page Page 7.3 Structure of the user interface Page Page Page Page Page Page I Page 7.4.2 System Component Information - Information on the server components I Page 7.5 BIOS - Backing up/restore BIOS settings, flashing BIOS I 7.5.1 Backup/Restoration - Saving/Restoring BIOS single parameter settings to/from a file Page Page Page Page Page Page Page Page Page Page Page I Page 7.6.2 Save iRMC S2/S3 Firmware Settings - Save firmware settings I Page Page 7.6.3 Certificate Upload - Load the DSA/RSA certificate and private DSA/RSA key Page Page Page Page Page Page Page I 7.6.5 iRMC S2/S3 Firmware Update Page Page Page I 7.7 Power Management 7.7.1 Power On/Off - power the server up/down Page Page Page Page Page Page I Page Page Page Page 7.8 Power Consumption 7.8.1 Power Consumption Configuration - Configure power consumption of the server Page Page Page Page Page Page Page Page Page I 7.9 Sensors - Check status of the sensors Page Page Page Page Page Page Page Page Page Page I 7.10 System Event Log and Internal Event Log Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page I Page Page Page Page Page 7.13.1 SNMP Trap Alerting - Configure SNMP trap alerting I 7.13.2 Serial / Modem Alerting - Configure alerting via modem I Page 7.13.3 Email Alerting - Configure email alerting Page Page Page I Page 7.14 User Management 7.14.1 iRMC S2/S3 User - local user management on the iRMC S2/S3 Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page Page I 7.14.3 Centralized Authentication Service (CAS) Configuration - Configuring the CAS Service Page Page Page I Page 7.15 Console Redirection - Redirecting the console 7.15.1 BIOS Text Console - Configure and start text console redirection Page Page Page Page Page Page Page I Page 7.15.2 Advanced Video Redirection - Start Advanced Video Redirection (AVR) Page Page Page Page Page Page Page I Page 7.16 Remote Storage Page I 7.17 Operating iRMC S2/S3 via Telnet / SSH (Remote Manager) Page Page I Page Page 8 iRMC S2/S3 via Telnet/SSH (Remote Manager) I 8.1 Requirements on the managed server I 8.2 Operating Remote Manager 8.3 Overview of menus Page 8.4 Logging in I Page 8.5 Main menu of the Remote Manager Page 330 8.6 Required user permissions Page 8.7 Change the password 8.8 System Information - Information on the managed server Page 8.9 Power Management Page Page Page Page 8.11 Service processor - IP parameters, identification LED and iRMC S2/S3 reset I 8.12 Console Redirection (EMS/SAC) - Start text console redirection I 8.13 Start a Command Line shell... - Start a SMASH CLP shell 8.14 Console Logging - Redirect message output to the text console (serial) Page 8.15 Command Line Protocol (CLP) Page Page Page 9 Configuring iRMC S2/S3 using the Server Configuration Manager I Page Page Page Page Page 10 Firmware update I 10.1 iRMC S2/S3 firmware (overview) Page I 10.2 Setting up the USB memory stick I Page 10.3 Updating firmware images I 10.3.1 Update via the iRMC S2/S3 web interface 10.3.2 Update using the ServerView Update Manager 10.3.3 Online update using ServerView Update Manager Express or ASP I 10.3.4 Update using the operating system flash tools. I 10.3.5 Update via the lashDisk menu I Page 10.4 Emergency flash I 10.5 Flash tools I Page 11 Remote installation of the operating system via iRMC S2/S3 I 11.1 Installing the operating system via iRMC S2/S3 - general procedure Page 11.2 Connecting a storage medium as remote storage Page I Page Page Page Page Page I 11.4.2 Installing Linux on the managed server after configuration I I I 12 Appendix 12.1 IPMI OEM Commands supported by the 12.1.1 Overview Page 12.1.2 Description of the IPMI OEM commands 388 Page Page Page Page I Page Page Page Page Page Page Page Page I Page Page Page 406 F5 43 - Get SEL entry long text This command translates a given SEL entry into long text. Page I Page Page Page 12.2 Configuring the iRMC S2/S3 via SCCI and scripted configuration 12.2.1 iRMC S2/S3 configuration data Page Page Page Page I Page Page 12.2.2 Scripted configuration of the iRMC S2/S3 I Page Configuring the iRMC S2/S3 via SCCI and scripted configuration 12.2.2.4 Scripting with Python