Users Guide

ManualsBrandsDell ManualsActive System ManagerChassis Management Controller Version 3.0 for Dell PowerEdge VRTX

131

132

133

134

135

136

137

138

139

140

Using SSH With CMC

SSH is a command line session that includes the same capabilities as a Telnet session, but with session negotiation and encryption to

improve security. CMC supports SSH version 2 with password authentication. SSH is enabled on the CMC by default.

NOTE: CMC does not support SSH version 1.

When an error occurs during the CMC login, the SSH client issues an error message. The message text is dependent on the client

and is not controlled by CMC. Review the RACLog messages to determine the cause of the failure.

NOTE: OpenSSH must be run from a VT100 or ANSI terminal emulator on Windows. You can also run OpenSSH using

Putty.exe. Running OpenSSH at the Windows command prompt does not provide full functionality (that is, some keys do

not respond and no graphics are displayed). On servers that run Linux, run SSH client services to connect to CMC with

any shell.

Four simultaneous SSH sessions are supported at a time. The session timeout is controlled by the cfgSsnMgtSshIdleTimeout

property. For more information about the RACADM commands, see the Chassis Management Controller for PowerEdge VRTX

RACADM Command Line Reference Guide available at dell.com/support/Manuals.

CMC also supports Public Key Authentication (PKA) over SSH. This authentication method improves SSH scripting automation by

removing the need to embed or prompt for user ID/password. For more information, see Conguring Public Key Authentication over

SSH.

SSH is enabled by default. If SSH is disabled, then you can enable it using any other supported interface.

To congure SSH, see Conguring Services.

Supported SSH Cryptography Schemes

To communicate with CMC using SSH protocol, it supports multiple cryptography schemes listed in the following table.

Table 31. Cryptography Schemes

Scheme Type Scheme

Asymmetric Cryptography Die-Hellman DSA/DSS 512–1024 (random) bits per NIST specication

Symmetric Cryptography

• AES256-CBC

• RIJNDAEL256-CBC

• AES192-CBC

• RIJNDAEL192-CBC

• AES128-CBC

• RIJNDAEL128-CBC

• BLOWFISH-128-CBC

• 3DES-192-CBC

• ARCFOUR-128

Message Integrity

• HMAC-SHA1-160

• HMAC-SHA1-96

• HMAC-MD5-128

• HMAC-MD5-96

Authentication Password

Congure Public Key Authentication Over SSH

You can congure up to six public keys that can be used with the service username over an SSH interface. Before adding or deleting

public keys, make sure to use the view command to see what keys are already set up, so that a key is not accidentally overwritten

or deleted. The service username is a special user account that can be used when accessing the CMC through SSH. When the PKA

135