Manualshelf

HP OneView 1.10 User Guide

ManualsBrandsHP ManualsSoftwareHP OneView Upgrade from Insight Management incl 3yr 24x7 Supp Flex Qty E-LTU
51525354555657585960
allowed to access your system through the appliance console and diagnose issues that you have
reported.
Support access is a root-level shell, which enables the on-site authorized support representative to
debug any problems on the appliance and obtain a one-time password using a challenge/response
mechanism similar to the one for a password reset.
Any time after the initial configuration of the appliance, an Infrastructure administrator can enable
or disable services access through the UI by selecting ActionsEdit services access on the Settings
window.
You can also use an appliance/settings REST API to enable or disable services access.
NOTE: HP recommends that you enable access. Otherwise, an authorized support representative
will not be able to access the appliance to troubleshoot issues that you cannot resolve yourself.
3.14.2 Restricting console access
You can restrict console access to the virtual appliance through secure management practices of
the hypervisor itself.
For VMware vSphere, this information is available from the VMware website:
http://www.vmware.com
In particular, search for topics related to vSphere's Console Interaction privilege and best practices
for managing VMware's roles and permissions.
For Microsoft Hyper-V, restrict access to the console through role-based access. For information,
see the Microsoft website:
www.microsoft.com
3.15 Algorithms for securing the appliance
SSL (see Table 2 (page 59))
SHA-256 for hashing local user account passwords
Other passwords are encrypted using 128-bit Blowfish
Support dumps:
Encryption: 128-bit AES
Hash: SHA-256
The AES key is encrypted separately using 2,048-bit RSA.
Updates:
Not encrypted; digitally signed using SHA-256 and 2,048-bit RSA
The following SSL cipher suites are enabled on the HP OneView appliance web server. The cipher
suites support the connection among the browser, other clients, and the appliance.
Table 2 Supported SSL cipher suites
MacEncAuKxSSL versionSSL cipher suite
SHA1AES (256)RSADHSSL v3DHE-RSA-AES256-SHA
SHA1AES (256)RSARSASSL v3AES256-SHA
SHA13DES (168)RSADHSSL v3EDH-RSA-DES-CBC3-SHA
SHA13DES (168)RSARSASSL v3DES-CBC3-SHA
3.15 Algorithms for securing the appliance 59