Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC7 with Lifecycle Controller Version 2.40.40.40

121

122

123

124

125

126

127

128

129

130

• ssh-keygen CLI for clients running Linux.

CAUTION: This privilege is normally reserved for users who are members of the Administrator user group on iDRAC.

However, users in the ‘Custom’ user group can be assigned this privilege. A user with this privilege can modify any user’s

conguration. This includes creation or deletion of any user, SSH Key management for users, and so on. For these

reasons, assign this privilege carefully.

CAUTION: The capability to upload, view, and/ or delete SSH keys is based on the ’Congure Users’ user privilege. This

privilege allows user(s) to congure another user's SSH key. You should grant this privilege carefully.

Generating public keys for Windows

To use the PuTTY Key Generator application to create the basic key:

1. Start the application and select RSA for the key type.

2. Enter the number of bits for the key. The number of bits must be between 2048 and 4096 bits.

3. Click Generate and move the mouse in the window as directed.

The keys are generated.

4. You can modify the key comment eld.

5. Enter a passphrase to secure the key.

6. Save the public and private key.

Generating public keys for Linux

To use the ssh-keygen application to create the basic key, open a terminal window and at the shell prompt, enter ssh-keygen –t

rsa –b 2048 –C testing

where:

• -t is rsa.

• –b species the bit encryption size between 2048 and 4096.

• –C allows modifying the public key comment and is optional.

NOTE: The options are case-sensitive.

Follow the instructions. After the command executes, upload the public le.

CAUTION: Keys generated from the Linux management station using ssh-keygen are in non-4716 format. Convert the

keys into the 4716 format using

ssh-keygen -e -f /root/.ssh/id_rsa.pub > std_rsa.pub. Do not change

the permissions of the key le. The conversion must be done using default permissions.

NOTE: iDRAC does not support ssh-agent forward of keys.

Uploading SSH keys

You can upload up to four public keys per user to use over an SSH interface. Before adding the public keys, make sure that you view

the keys if they are set up, so that a key is not accidentally overwritten.

When adding new public keys, make sure that the existing keys are not at the index where the new key is added. iDRAC does not

perform checks to make sure previous key(s) are deleted before a new key(s) are added. When a new key is added, it is usable if the

SSH interface is enabled.

Uploading SSH keys using web interface

To upload the SSH keys:

1. In the iDRAC Web interface, go to Overview → iDRAC Settings → Network → User Authentication → Local Users.

The Users page is displayed.

2. In the User ID column, click a user ID number.

The Users Main Menu page is displayed.

3. Under SSH Key Congurations, select Upload SSH Key(s) and click Next.

123