# access add public key -l PUBLIC_KEY_FILE [-u user]

The public key file is your RSA or DSA key. Up to 10 users can install public keys; only one key per user is allowed.

Admin-level users can only add their own public key. Manager-level users can add a public key for any local user. If the user is not specified in the command, the current user is the default.

Note – The maximum supported key length is 4096 bits.
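A pre-flight check for the limits stated above (RSA or DSA only, at most 4096 bits), written as an added example that is not part of the original manual. The function names and the assumed layout of `ssh-keygen -l` output, `<bits> <fingerprint> <comment> (<TYPE>)`, are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the manual): validate a public key against the
# SP limits stated on this page before running "access add public key".

MAX_BITS=4096   # maximum supported key length, from the Note above

# check_fp_line LINE
# LINE is one line of `ssh-keygen -l` output, assumed to look like:
#   <bits> <fingerprint> <comment ...> (<TYPE>)
# Returns 0 if acceptable, 1 if rejected, 2 if the size cannot be parsed.
check_fp_line() {
    line=$1
    bits=${line%% *}        # first whitespace-separated field
    type=${line##*\(}       # text after the last "("
    type=${type%\)}         # drop the trailing ")"
    case $bits in
        ''|*[!0-9]*) echo "cannot parse key size: $line" >&2; return 2 ;;
    esac
    case $type in
        RSA|DSA) ;;
        *) echo "rejected: key type '$type' is not RSA or DSA" >&2; return 1 ;;
    esac
    if [ "$bits" -gt "$MAX_BITS" ]; then
        echo "rejected: $bits-bit key exceeds $MAX_BITS bits" >&2
        return 1
    fi
    echo "ok: $bits-bit $type key"
}

# check_pubkey_file FILE: run the same check on a real public key file.
check_pubkey_file() {
    [ -r "$1" ] || { echo "cannot read $1" >&2; return 2; }
    fp=$(ssh-keygen -l -f "$1") || return 2
    check_fp_line "$fp"
}

if [ $# -gt 0 ]; then
    check_pubkey_file "$1"
else
    # Constructed sample line, not output captured from a real key.
    check_fp_line "2048 SHA256:CONSTRUCTED-SAMPLE user@client (RSA)"
fi
```

Run it with the path to the public key file as its only argument; a non-zero exit status means the key should not be uploaded.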

Generating a Host Key Pair

To establish a trusted host relationship, you must set up a host key, which is used to authenticate one host to another. Follow these steps to generate a host key pair; the public key is then copied to the SP to which you want passwordless access:

1. Execute the following command:

# ssh-keygen -t rsa -N ""

2. Accept the default values, installing to the following directory: $HOME/.ssh/id_rsa

The following files are created:

$HOME/.ssh/id_rsa

$HOME/.ssh/id_rsa.pub

Enabling SSH Access Using Trusted Hosts

Follow these steps to add users to the local /etc/passwd file to attempt trusted host access to the Service Processor:

1. Set up your host keys by executing the following command:

# ssh-host-config

2. Enable access for clients by launching a Bash shell.

If you want all network accounts added, execute mkpasswd >> /etc/passwd.

If you want just local accounts added, execute mkpasswd -l >> /etc/passwd.

3. Issue the following commands as a manager-level user on the client to establish a trusted host relationship (manager1 is used in the example in this step):

a. Copy the client key to /tmp on the SP.

# scp /etc/ssh_host_dsa_key.pub manager1@sp.test.com:/tmp

Chapter 4 Further Management Information 59

Page 81
Image 81
Sun Microsystems V40z Generating a Host Key Pair, Enabling SSH Access Using Trusted Hosts, Execute the following command