Manuals / Tripp Lite / Computer Equipment / Network Card

Tripp Lite B096-016, 93-2879, B096-048 Generating Public Keys Linux, $ ssh-keygen -t rsadsa

Models: 93-2879 B096-016 B096-048

1 224

Download 224 pages 57.82 Kb

Page 179

OpenSSH, the de facto open source SSH application, encrypts all traffic (including passwords) to effectively eliminate these risks. Additionally, OpenSSH provides a myriad of secure tunneling capabilities, as well as a variety of authentication methods.

OpenSSH is the port of OpenBSD's excellent OpenSSH[0] to Linux and other versions of Unix. OpenSSH is based on the last free version of Tatu Ylonen's sample implementation with all patent-encumbered algorithms removed (to external libraries), all known security bugs fixed, new features reintroduced and many other clean-ups. http://www.openssh.com/ The only changes in the SSH implementation are:

PAM support

EGD[1]/PRNGD[2] support and replacements for OpenBSD library functions that are absent from other versions of UNIX

The config files are now in /etc/config. e.g.

o/etc/config/sshd_config instead of /etc/sshd_config o /etc/config/ssh_config instead of /etc/ssh_config

o /etc/config/users/<username>/.ssh/ instead of /home/<username>/.ssh/

Generating Public Keys (Linux)

To generate new SSH key pairs, use the Linux ssh-keygencommand. This will produce an RSA or DSA public/private key pair and you will be prompted for a path to store the two key files e.g. id_dsa.pub (the public key) and id_dsa (the private key). For example:

$ ssh-keygen -t [rsadsa]

Generating public/private [rsadsa] key pair.

Enter file in which to save the key (/home/user/.ssh/id_[rsadsa]):

Enter passphrase (empty for no passphrase):

Enter same passphrase again:

Your identification has been saved in /home/user/.ssh/id_[rsadsa]. Your public key has been saved in /home/user/.ssh/id_[rsadsa].pub. The key fingerprint is: 28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server

$

It is advisable to create a new directory to store your generated keys. It is also possible to name the files after the device they will be used for. For example:

$ mkdir keys

$ ssh-keygen -t rsa

_____________________________________________________________________

B096-016 B096-048 and B092-016 User Manual

Page 179

Image 179

Tripp Lite B096-016, 93-2879, B096-048 owner manual Generating Public Keys Linux, $ ssh-keygen -t rsadsa

Contents

Console Server Management Switch Index Failover and OUT-OF-BAND Access Alerts and Logging Authentication System Management Advanced Configuration 16.2 Advanced Control Panel 210 User Notice IntroductionThis Manual FCC InformationManual Organization Management Console Types of usersManual Conventions Publishing history Ports InstallationIntroduction ModelsPower Console Server Management Switch Power connectionKit components B092-016 Console Server with PowerAlert Serial Port connection Power Console Server with PowerAlertNetwork connection Rackmount Console / KVM Connection B092-016 only USB Port ConnectionManagement Console Connection Initial System ConfigurationBrowser connection IP addressPage Initial B092-016 connection Administrator PasswordAt the Management Console menu select System Administration Network IP address Select System AdministrationConfiguration Method 1 IPv6 configuration System Services Page Secure VNC PowerAlertPuTTY Message Changes to configuration succeededCommunications Software SSHTerm Configure Management Switch as a Management LAN gateway Management Network Configuration B096-048/016 onlyPage Page Configure Management Switch for Failover or Broadband OoB Serial Port and Network Host Configuring Serial PortsCommon Settings Console Server Mode Page Page Page Terminal Server Mode SDT ModeDevice RPC, UPS, EMD Mode Serial Bridging Mode Syslog Add/Edit UsersPage Page Network Hosts AuthenticationPage Select Serial & Network Trusted Networks Trusted NetworksCheck Generate SSH keys automatically and click Apply Serial Port CascadingAutomatically generate and upload SSH keys Public Key Select RSA Keys and/or DSA KeysManually generate and upload SSH keys # ssh remhost Configure the Slaves and their serial ports Managing the Slaves Configure dial-in PPP Failover and OUT-OF-BAND AccessOoB Dial-In Access Modem Port Check the Enable Dial-In Access boxMSCHAPv2 Using SDT Connector client for dial-inSet up Windows XP/ 2003/Vista client for dial-in NoneSet up earlier Windows clients for dial-in Broadband Ethernet Failover B096-048/016 only OoB Broadband Access B096-048/016 onlySet up Linux clients for dial-in Page Dial-Out Failover Page Introduction Secure Tunneling and SDT ConnectorSDT Connector Configuration Configuring for SDT Tunneling to HostsRun the set-up program SDT Connector client installationConfiguring a new gateway in the SDT Connector client Page Make an SDT connection through the gateway to a host Manually adding hosts to the SDT Connector gateway Manually adding new services to the new hosts Page Adding a client program to be started for the new service Choosing an alternate SSH client e.g. PuTTY Dial-in configurationPage Page Page Page SDT Connector to Management Console Page Page Pon networkconnection Importing and exporting preferences SDT Connector Public Key AuthenticationSetting up SDT for Remote Desktop Access Desktop Connection Configure the Remote Desktop Connection clientClick Connect Color depth 8, 16 OptionOn a Macintosh client SDT SHH Tunnel for VNC Install, configure and connect the VNC Viewer Page Page Page Select Allow calling computer to specify its own address Set up SDT Serial Ports on Console Server Page Select Alerts & Logging Smtp &SMS Configure SMTP/SMS/SNMP/Nagios alert serviceAlerts and Logging Email alertsSMS alerts Select Alerts & Logging Snmp Snmp alertsNetwork Serial Ports refer to Chapter Activate Alert Events and NotificationsNagios Alerts Alert Add a new alert Page Configuring environment and power alert type 100 Remote Log Storage101 Serial Port LoggingLevel Network TCP or UDP Port Logging102 RPC connection Remote Power Control RPC103 Click Add RPC 104RPC status User power management105 RPC alertsManaged UPS connections Uninterruptible Power Supply Control UPSPower on Power OFF Power Cycle Power Status 106107 108 109 Configure UPS powering the Console Server110 Configuring powered computers to monitor a Managed UPSOverview of Network UPS Tools NUT 111UPS alerts UPS status112 113 Environmental Monitoring114 Connecting the EMDEnvironmental status 115Environmental alerts 116 117 AuthenticationAuthentication Configuration 118 Enter the Server Password119 Radius authentication120 Ldap authentication121 RADIUS/TACACS user configuration122 PAM Pluggable Authentication Modules123 Secure Management Console Access124 125 Nagios IntegrationNagios Overview 126 Central managementCheck Prefer NRPE, Nrpe Enabled and Nrpe Command Arguments Set up distributed Console ServersSelect Serial Port from the Serial & Network menu Click Console Server Mode and select Logging LevelClick New Check and select Check TCP. Select Port Configuring Nagios distributed monitoring Page Select System Nagios and check Nrpe Enabled Enable Nrpe monitoringConfigure selected Serial Ports for Nagios monitoring Enable Nsca monitoringSelect System Nagios and check Nsca Enabled Permitted Service Configure selected Network Hosts for Nagios monitoringConfigure the upstream Nagios monitoring host Sample Nagios configuration Advanced Distributed Monitoring ConfigurationTripplitenrpedaemondep Hostname Tripplite Additional plug-ins Basic Nagios plug-insPage System Management System Administration and ResetUpgrade Firmware Select the Enable NTP checkbox on the Network Time Protocol Configure Date and TimeStatistics Port Access and Active UsersSelect the Status Port Access Status ReportsSelect Status Syslog Support ReportsSyslog Select Alerts & Logging Syslog Remote System LoggingLocal System Logging Port & Host Management ManagementDevice Management Select Manage Terminal Power ManagementSelect Manage Power Serial Port Terminal ConnectionSSH Select Manage KVM Console Server Remote Console Access B092-016 onlyPage Introduction Basic Configuration Linux CommandsDescription Linux Command lineConfig Tool Syntax Options Etc/config/config.xmlAuthentication Configuration Administration ConfigurationSystem Settings Network Time Protocol Date and Time ConfigurationManually Change Clock Settings Static IP ConfigurationTime Zone ATQ0V1H0 Dial-in ConfigurationServices Configuration Serial Port Settings Serial Port ConfigurationUsers Supported Protocol ConfigurationTrusted Networks Remote Serial Port Log Storage Event Logging ConfigurationSDT host TCP Ports Alert ConfigurationPage Config -e Output File Configuration backup and restoreGeneral Linux command usage Http//en.tldp.org/HOWTO/HOWTO-INDEX/howtos.html Introduction Advanced ConfigurationPmshell Advanced PortmanagerPmusers PmchatExternal Scripts and Alerts Portmanager DaemonPage Accessing the Console Port Raw Access to Serial PortsAccess to Serial Ports IP- Filtering Standard IP-Filter configurationEtc/config/ipfilter Customizing the IP-Filter Etc/config/filter-custom Resources Modifying Snmp ConfigurationEtc/config/snmpd.conf Adding more than one Snmp server SSH Overview Secure Shell SSH Public Key Authentication$ ssh-keygen -t rsadsa Generating Public Keys LinuxInstalling SSH Public Key Authentication Linux Installing the SSH Public/Private Keys ClusteringChown fred /etc/config/users/fred/.ssh/authorizedkeys Generating public/private keys for SSH Windows OpenSSH OpenSSH Windows Fingerprinting IT is Possible That Someone is Doing Something Nasty SSH tunneled serial bridgingClient Keys $ ssh-keygen -t rsadsa Authorized Keys SDT Connector Public Key AuthenticationSecure Sockets Layer SSL Support Generating an encryption key HttpsInstalling the key and certificate PowerMan Power Strip ControlTarget Specification Adding new RPC devices PmpowerPage Synopsis IPMItoolDescription Security Commands Ipmitool chassis help Scripts for Managing SlavesSelect Status Support Report Thin Client B092-016 Local Client Service ConnectionsPage Connect- browser Connect- serial terminalConnect- VNC Connect- SSH Connect- Ipmi Connect- Remote Desktop RDP Connect- Citrix ICA OptionSystem Terminal Connect- PowerAlertAdvanced Control Panel Status System Shutdown / RebootSystem Logout CustomRemote control Appendix a Hardware Specification Serial Port Pinout Appendix B Serial Port ConnectivityConnectors included in Console Server Appendix C End User License Agreement Page JSch License Page Page SUN Java License Page Tripp Lite 1111 W th Street Chicago IL 60609 USA Limited WarrantyWarranty Registration 200903108 93-2879EN