Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 2.0 for Dell PowerEdge FX2

101

102

103

104

105

106

107

108

109

110

NOTE: CMC does not support SSH version 1.

When an error occurs during the CMC login, the SSH client issues an error message. The message text is dependent on the client

and is not controlled by CMC. Review the RACLog messages to determine the cause of the failure.

NOTE: OpenSSH must be run from a VT100 or ANSI terminal emulator on Windows. You can also run OpenSSH using

Putty.exe. Running OpenSSH at the Windows command prompt does not provide full functionality (that is, some keys do

not respond and no graphics are displayed). On servers that run Linux, run SSH client services to connect to CMC with

any shell.

Four simultaneous SSH sessions are supported at a time. The session timeout is controlled by the cfgSsnMgtSshIdleTimeout

property. For more information about the RACADM commands, see the Dell Chassis Management Controller for PowerEdge FX2/

FX2s RACADM Command Line Reference Guide available at dell.com/support/Manuals.

CMC also supports Public Key Authentication (PKA) over SSH. This authentication method improves SSH scripting automation by

removing the need to embed or prompt for user ID/password.

SSH is enabled by default. If SSH is disabled, then you can enable it using any other supported interface.

Supported SSH cryptography schemes

To communicate with CMC using SSH protocol, it supports multiple cryptography schemes listed in the following table.

Table 22. Cryptography Schemes

Scheme Type Scheme

Asymmetric Cryptography Die-Hellman DSA/DSS 512–1024 (random) bits per NIST specication

Symmetric Cryptography

• AES256-CBC

• RIJNDAEL256-CBC

• AES192-CBC

• RIJNDAEL192-CBC

• AES128-CBC

• RIJNDAEL128-CBC

• BLOWFISH-128-CBC

• 3DES-192-CBC

• ARCFOUR-128

Message Integrity

• HMAC-SHA1-160

• HMAC-SHA1-96

• HMAC-MD5-128

• HMAC-MD5-96

Authentication Password

Congure public key authentication over SSH

You can congure up to six public keys that can be used with the service username over an SSH interface. Before adding or deleting

public keys, make sure to use the view command to see what keys are already set up, so that a key is not accidentally overwritten

or deleted. The service username is a special user account that can be used when accessing the CMC through SSH. When the PKA

over SSH is set up and used correctly, you need not enter username or passwords to log in to the CMC. This can be very useful to

set up automated scripts to perform various functions.

NOTE: There is no GUI support for managing this feature, you can use only the RACADM.

When adding new public keys, make sure that the existing keys are not already at the index, where the new key is added. CMC does

not perform checks to ensure previous keys are deleted before a new one is added. As soon as a new key is added, it is automatically

in eect as long as the SSH interface is enabled.

110