Manuals / Tripp Lite / Computer Equipment / Network Card

Tripp Lite 93-2879, B096-048, B096-016 Installing the SSH Public/Private Keys Clustering

Models: 93-2879 B096-016 B096-048

1 224

Download 224 pages 57.82 Kb

Page 180

Generating public/private rsa key pair.

Enter file in which to save the key (/home/user/.ssh/id_rsa): /home/user/keys/control_room

Enter passphrase (empty for no passphrase): Enter same passphrase again:

Your identification has been saved in /home/user/keys/control_room Your public key has been saved in /home/user/keys/control_room.pub. The key fingerprint is: 28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server

$

You must ensure there is no password associated with the keys. If there is a password, then the devices will have no way to supply it as runtime.

Full documentation for the ssh-keygencommand can be found at:

http://www.openbsd.org/cgi-bin/man.cgi?query=ssh-keygen

Installing the SSH Public/Private Keys (Clustering)

For Console Servers, the keys can be simply uploaded through the web interface on the System: Administration page. This enables you to upload stored RSA or DSA Public Key pairs to the Master and apply the Authorized key to the Slave as is described in Chapter 4.6. Once complete, proceed to Fingerprinting as described below.

Installing SSH Public Key Authentication (Linux)

Alternately, the public key can be installed on the unit remotely from the Linux host with the scp utility as follows:

_____________________________________________________________________

B096-016 B096-048 and B092-016 User Manual

Page 180

Image 180

Tripp Lite 93-2879 Installing the SSH Public/Private Keys Clustering, Installing SSH Public Key Authentication Linux

Contents

Console Server Management Switch Index Failover and OUT-OF-BAND Access Alerts and Logging Authentication System Management Advanced Configuration 16.2 Advanced Control Panel 210 Introduction This ManualFCC Information User NoticeManual Organization Types of users Management ConsoleManual Conventions Publishing history Installation IntroductionModels PortsPower connection Kit components B092-016 Console Server with PowerAlertPower Console Server Management Switch Power Console Server with PowerAlert Network connectionSerial Port connection USB Port Connection Rackmount Console / KVM Connection B092-016 onlyInitial System Configuration Management Console ConnectionIP address Browser connectionPage Administrator Password At the Management Console menu select System AdministrationInitial B092-016 connection Select System Administration Configuration MethodNetwork IP address 1 IPv6 configuration System Services Page PowerAlert Secure VNCMessage Changes to configuration succeeded Communications SoftwarePuTTY SSHTerm Management Network Configuration B096-048/016 only Configure Management Switch as a Management LAN gatewayPage Page Configure Management Switch for Failover or Broadband OoB Configuring Serial Ports Serial Port and Network HostCommon Settings Console Server Mode Page Page Page SDT Mode Device RPC, UPS, EMD ModeTerminal Server Mode Serial Bridging Mode Add/Edit Users SyslogPage Page Authentication Network HostsPage Trusted Networks Select Serial & Network Trusted NetworksSerial Port Cascading Automatically generate and upload SSH keysCheck Generate SSH keys automatically and click Apply Select RSA Keys and/or DSA Keys Manually generate and upload SSH keysPublic Key # ssh remhost Configure the Slaves and their serial ports Managing the Slaves Failover and OUT-OF-BAND Access OoB Dial-In AccessConfigure dial-in PPP Check the Enable Dial-In Access box Modem PortUsing SDT Connector client for dial-in Set up Windows XP/ 2003/Vista client for dial-inNone MSCHAPv2Set up earlier Windows clients for dial-in OoB Broadband Access B096-048/016 only Set up Linux clients for dial-inBroadband Ethernet Failover B096-048/016 only Page Dial-Out Failover Page Secure Tunneling and SDT Connector IntroductionConfiguring for SDT Tunneling to Hosts SDT Connector ConfigurationSDT Connector client installation Run the set-up programConfiguring a new gateway in the SDT Connector client Page Make an SDT connection through the gateway to a host Manually adding hosts to the SDT Connector gateway Manually adding new services to the new hosts Page Adding a client program to be started for the new service Dial-in configuration Choosing an alternate SSH client e.g. PuTTYPage Page Page Page SDT Connector to Management Console Page Page Pon networkconnection SDT Connector Public Key Authentication Importing and exporting preferencesSetting up SDT for Remote Desktop Access Configure the Remote Desktop Connection client Desktop ConnectionClick Connect Option Color depth 8, 16On a Macintosh client SDT SHH Tunnel for VNC Install, configure and connect the VNC Viewer Page Page Page Select Allow calling computer to specify its own address Set up SDT Serial Ports on Console Server Page Configure SMTP/SMS/SNMP/Nagios alert service Alerts and LoggingEmail alerts Select Alerts & Logging Smtp &SMSSMS alerts Snmp alerts Select Alerts & Logging SnmpActivate Alert Events and Notifications Nagios AlertsNetwork Serial Ports refer to Chapter Alert Add a new alert Page Configuring environment and power alert type Remote Log Storage 100Serial Port Logging 101Network TCP or UDP Port Logging 102Level Remote Power Control RPC 103RPC connection 104 Click Add RPCUser power management 105RPC alerts RPC statusUninterruptible Power Supply Control UPS Power on Power OFF Power Cycle Power Status106 Managed UPS connections107 108 Configure UPS powering the Console Server 109Configuring powered computers to monitor a Managed UPS 110111 UPS alertsUPS status Overview of Network UPS Tools NUT112 Environmental Monitoring 113Connecting the EMD 114115 Environmental alertsEnvironmental status 116 Authentication Authentication Configuration117 Enter the Server Password 118Radius authentication 119Ldap authentication 120RADIUS/TACACS user configuration 121PAM Pluggable Authentication Modules 122Secure Management Console Access 123124 Nagios Integration Nagios Overview125 Central management 126Set up distributed Console Servers Check Prefer NRPE, Nrpe Enabled and Nrpe Command ArgumentsClick Console Server Mode and select Logging Level Click New Check and select Check TCP. Select PortSelect Serial Port from the Serial & Network menu Configuring Nagios distributed monitoring Page Enable Nrpe monitoring Select System Nagios and check Nrpe EnabledEnable Nsca monitoring Select System Nagios and check Nsca EnabledConfigure selected Serial Ports for Nagios monitoring Configure selected Network Hosts for Nagios monitoring Permitted ServiceConfigure the upstream Nagios monitoring host Advanced Distributed Monitoring Configuration Sample Nagios configurationTripplitenrpedaemondep Hostname Tripplite Basic Nagios plug-ins Additional plug-insPage System Administration and Reset System ManagementUpgrade Firmware Configure Date and Time Select the Enable NTP checkbox on the Network Time ProtocolPort Access and Active Users Select the Status Port AccessStatus Reports StatisticsSupport Reports SyslogSelect Status Syslog Remote System Logging Local System LoggingSelect Alerts & Logging Syslog Management Device ManagementPort & Host Management Power Management Select Manage PowerSerial Port Terminal Connection Select Manage TerminalSSH Remote Console Access B092-016 only Select Manage KVM Console ServerPage Basic Configuration Linux Commands IntroductionLinux Command line Config Tool SyntaxDescription Etc/config/config.xml OptionsAdministration Configuration System SettingsAuthentication Configuration Date and Time Configuration Manually Change Clock SettingsNetwork Time Protocol IP Configuration Time ZoneStatic Dial-in Configuration ATQ0V1H0Services Configuration Serial Port Configuration Serial Port SettingsSupported Protocol Configuration UsersTrusted Networks Event Logging Configuration Remote Serial Port Log StorageAlert Configuration SDT host TCP PortsPage Configuration backup and restore Config -e Output FileGeneral Linux command usage Http//en.tldp.org/HOWTO/HOWTO-INDEX/howtos.html Advanced Configuration IntroductionAdvanced Portmanager PmshellPmchat PmusersPortmanager Daemon External Scripts and AlertsPage Raw Access to Serial Ports Access to Serial PortsAccessing the Console Port Standard IP-Filter configuration Etc/config/ipfilterIP- Filtering Customizing the IP-Filter Etc/config/filter-custom Modifying Snmp Configuration Etc/config/snmpd.confResources Adding more than one Snmp server Secure Shell SSH Public Key Authentication SSH OverviewGenerating Public Keys Linux $ ssh-keygen -t rsadsaInstalling the SSH Public/Private Keys Clustering Installing SSH Public Key Authentication LinuxChown fred /etc/config/users/fred/.ssh/authorizedkeys Generating public/private keys for SSH Windows OpenSSH OpenSSH Windows Fingerprinting SSH tunneled serial bridging IT is Possible That Someone is Doing Something NastyClient Keys $ ssh-keygen -t rsadsa SDT Connector Public Key Authentication Authorized KeysSecure Sockets Layer SSL Support Https Generating an encryption keyInstalling the key and certificate Power Strip Control PowerManTarget Specification Pmpower Adding new RPC devicesPage IPMItool SynopsisDescription Security Commands Scripts for Managing Slaves Ipmitool chassis helpSelect Status Support Report Local Client Service Connections Thin Client B092-016Page Connect- serial terminal Connect- browserConnect- VNC Connect- SSH Connect- Ipmi Connect- Remote Desktop RDP Option Connect- Citrix ICAConnect- PowerAlert Advanced Control PanelSystem Terminal System Shutdown / Reboot System LogoutCustom StatusRemote control Appendix a Hardware Specification Appendix B Serial Port Connectivity Serial Port PinoutConnectors included in Console Server Appendix C End User License Agreement Page JSch License Page Page SUN Java License Page Limited Warranty Warranty RegistrationTripp Lite 1111 W th Street Chicago IL 60609 USA 200903108 93-2879EN