Manualshelf

User guide

ManualsBrandsReach ManualsComputer equipmentDSS-ENC
11121314151617181920
16
clients running Windows and ssh-keygen CLI for clients running Linux. The ssh-keygen CLI utility comes
by default on all standard installations.
Logging in Using Public Key Authentication
After the public keys are uploaded, the user can log into the iDRAC6 over SSH without entering a
password. The user also has the option of sending a single RACADM command as a command line
argument to the SSH application. The command line options behave similar to remote RACADM since
the session ends after the command is completed.
Encryption
Secure Sockets Layer (SSL)
The iDRAC6 includes a Web server that is configured to use the industry-standard SSL security protocol
to transfer encrypted data over the Internet. Built upon public-key and private-key encryption
technology, SSL is a widely accepted technique for providing authenticated and encrypted
communication between clients and servers to prevent eavesdropping across a network.
An SSL and TLS (Transport Layer Security) enabled system:
• Authenticates itself to an SSL-enabled client
• Allows the client to authenticate itself to the server
• Allows both systems to establish an encrypted connection
This encryption process provides a high level of data protection. iDRAC6 employs the 128-bit SSL
encryption standard. Supported cipher suites are listed in Appendix A. Ciphers supported by SSH are
listed in Appendix B.
IPMI RMCP+ Encryption
iDRAC6 IPMI over LAN and SOL use RMCP+ for Authentication and Key exchange. For details on
the RMCP+ protocol, see the IPMI 2.0 specification. iDRAC6 IPMI supports the following encryption
algorithms:
AES-CBC-128 (128-bit AES with CBC)
RC4-128 (128-bit RC4)
SSL Certificate Management for Server iDRAC6 Authentication
IDRAC 6 ships with a default self-signed SSL certificate. iDRAC6 uses 1024-bit RSA with SHA-1 by default.
NOTE: Dell strongly recommends replacing the default certificate with your own SSL certificate to
secure the IDRAC6 since systems ship with the same SSL certificate and with the same SSL private key.
The IDRAC 6 server SSL certificate is used by the web server, Virtual Media server, and Console