Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC7/8 with Lifecycle Controller Version 2.50.50.50
121122123124125126127128129130
Scheme Type Algorithms
ecdh-sha2-nistp521
die-hellman-group-exchange-sha256
die-hellman-group14-sha1
Encryption
chacha20-poly1305@openssh.com
aes128-ctr
aes192-ctr
aes256-ctr
aes128-gcm@openssh.com
aes256-gcm@openssh.com
MAC
hmac-sha1
hmac-ripemd160
umac-64@openssh.com
Compression None
NOTE: If you enable OpenSSH 7.0 or later, DSA public key support is disabled. To ensure better security for iDRAC, Dell
recommends not enabling DSA public key support.
Using public key authentication for SSH
iDRAC supports the Public Key Authentication (PKA) over SSH. This is a licensed feature. When the PKA over SSH is set up and used
correctly, you must enter the user name while logging into iDRAC. This is useful for setting up automated scripts that perform various
functions. The uploaded keys must be in RFC 4716 or OpenSSH format. Else, you must convert the keys into that format.
NOTE
: If you enable OpenSSH 7.0 or later, DSA public key support is disabled. To ensure better security for iDRAC, Dell
recommends not enabling DSA public key support.
In any scenario, a pair of private and public key must be generated on the management station. The public key is uploaded to iDRAC local
user and private key is used by the SSH client to establish the trust relationship between the management station and iDRAC.
You can generate the public or private key pair using:
PuTTY Key Generator application for clients running Windows
ssh-keygen CLI for clients running Linux.
CAUTION
: This privilege is normally reserved for users who are members of the Administrator user group on iDRAC. However,
users in the ‘Custom’ user group can be assigned this privilege. A user with this privilege can modify any user’s conguration.
This includes creation or deletion of any user, SSH Key management for users, and so on. For these reasons, assign this privilege
carefully.
CAUTION: The capability to upload, view, and/ or delete SSH keys is based on the ’Congure Users’ user privilege. This privilege
allows user(s) to congure another user's SSH key. You should grant this privilege carefully.
130 Setting up iDRAC communication