Manualshelf

HP Insight Remote Support 7.0.9 Monitored Devices Configuration Guide

ManualsBrandsHP ManualsSoftwareHP Insight Remote Support Next Gen Software
231232233234235236237238239240
Configure SSH Public Key Authentication
Option 1: Using the Hosting Device Certificate
Prerequisites
l TFTP server used to move the public key to the ProVision-based switch.
Copy the Certificate to the Switch
To copy the certificate to the ProVision-based switch, complete the following steps:
1. On the Hosting Device, export the Hosting Device public key. The alias name is jetty:
rsadmin cert -export -keycomment manager@[IP_of_switch] -sshkey -out [file_path_
name]
where file_path_name is a path that the TFTP server can see.
2. Telnet or SSH to the switch using username/password authentication.
3. Enter configuration mode:
configure
4. Turn off filetransfer using SSH:
no ip ssh filetransfer
5. Enable the TFTP client:
tftp client
6. Move the public key to the switch:
copy tftp pub-key-file <tftp_server_ip> <public_key_file> manager
7. Enable public key authentication:
aaa authentication ssh login public-key
8. Enable user/password authentication:
aaa authentication ssh enable local
9. Write the configuration and public key to memory:
wr mem
Add the SSH Protocol Credential to the Insight RS Console
1. In the Insight RS Console, add a SSH certificate credential on the Discovery Credentials tab.
a. Select Secure Shell (SSH) from the Select and Configure Protocol drop-down list and click
New.
b. Select Certificate Credential from the Type drop-down list.
HP Insight Remote Support 7.0.9:Monitored Devices Configuration Guide Page 238 of 267
Chapter 32: Configuring ProVision-based Networking Switches