Reference Guide
For DSA keys greater than 2048, use the following racadm command. CMC
accepts RSA keys up to key strength 4096, but the recommended key strength is
1024.
racadm -r 192.168.8.14 -u root -p calvin sshpkauth -i
svcacct -k 1 -p 0xfff -f dsa_2048.pub
Synopsis
racadm sshpkauth
Input
• -i Index for the user. <svcacct> is the Index for CMC.
• -k index from 1-6 (or all for -v / -d options) to assign the PK key being
uploaded.
• -p privilege level to give to user for this PK key.
• -t Key text for the PK key.
• -r Species the controller’s remote IP address.
• -u Species the user name.
• -f le containing key text to upload.
NOTE: This option is supported only on the remote interface(s).
• -v - View privilege and key text.
• -d - Delete key and privilege for the index provided.
Examples :
• View all keys
racadm sshpkauth -i svcacct -k all -v
• Delete all keys
racadm sshpkauth -i svcacct -k all -d
• Upload key at index 2 using text option
racadm sshpkauth -i svcacct -k 2 -p 0xfff -t "key text"
• Upload key at index 1 using le upload option.
racadm sshpkauth -i svcacct -k 1 -p 0xfff -f idrsa.pub
sslcertupload
Description
Uploads a custom SSL server or CA certicate for Directory
Service from the client to iDRAC.
To use this subcommand, you must have the CMC
Conguration permission.
Synopsis
racadm sslcertupload -t <type> [-f
<filename>]
Input
• -t — Species the type of certicate to upload, either the
CA certicate for Directory Service or the server certicate.
— 1 = server certicate.
— 2 = CA certicate for Directory Service
— 5 = Kerberos keytab
— 6 = Server certicate and key
• -f — Species the le name of the certicate to be
uploaded.
• -k — Species the optional source lename for private key
when uploading type 6.
97