Users Guide
Logging into CMC
You can log in to CMC as a CMC local user, as a Microsoft Active Directory user, or as an LDAP user. You can also log in using Single Sign-
On or a Smart Card.
Topics:
• Configure public key authentication over SSH
• Accessing CMC web interface
• Logging into CMC as a local user, active directory user, or LDAP user
• Logging into CMC using a smart card
• Logging into CMC using Single Sign-On
• Logging into CMC using serial, Telnet, or SSH console
• Logging into CMC using public key authentication
• Forcing password change using web interface
• Multiple CMC sessions
Configure public key authentication over SSH
You can configure up to six public keys that can be used with the service username over an SSH interface. Before adding or deleting
public keys, make sure to use the view command to see what keys are already set up, so that a key is not accidentally overwritten or
deleted. The service username is a special user account that can be used when accessing the CMC through SSH. When the PKA over
SSH is set up and used correctly, you need not enter username or passwords to log in to the CMC. This can be very useful to set up
automated scripts to perform various functions.
NOTE: There is no GUI support for managing this feature, you can use only the RACADM.
When adding new public keys, make sure that the existing keys are not already at the index, where the new key is added. CMC does not
perform checks to ensure previous keys are deleted before a new one is added. As soon as a new key is added, it is automatically in effect
as long as the SSH interface is enabled.
When using the public key comment section of the public key, remember that only the first 16 characters are utilized by the CMC. The
public key comment is used by the CMC to distinguish SSH users when using the RACADM getssninfo command, because all the PKA
users use the service username to log in.
For example, if two public keys are set up one with comment PC1 and one with comment PC2:
racadm getssninfo
Type User IP Address Login
Date/Time
SSH PC1 x.x.x.x 06/16/2009
09:00:00
SSH PC2 x.x.x.x 06/16/2009
09:00:00
For more information about the sshpkauth, see the Chassis Management Controller for PowerEdge FX2/FX2s Command Line
Reference Guide.
Generating public keys for systems running Windows
Before adding an account, a public key is required from the system that accesses the CMC over SSH. There are two ways to generate the
public/private key pair: using PuTTY Key Generator application for clients running Windows or ssh-keygen CLI for clients running Linux.
This section describes simple instructions to generate a public/private key pair for both applications. For additional or advanced usage of
these tools, see the application Help.
To use the PuTTY Key Generator to create a basic key for clients running Windows:
1. Start the application and select SSH-2 RSA for the type of key to generate (SSH-1 is not supported).
3
34 Logging into CMC