Dell PowerStore 1000X EMC PowerStore Setting Up PowerStore Manager - Page 3

Con CHAP authentication, Con external SSH access, About this task, Steps, Settings

Get Dell PowerStore 1000X PDF manuals and user guides View all Dell PowerStore 1000X manuals
Add to My Manuals
Save this manual to your list of manuals

Page 3 highlights

Configure CHAP authentication Challenge Handshake Authentication Protocol (CHAP) authenticates iSCSI initiators (hosts) and targets (volumes and snapshots) to expose iSCSI storage while ensuring a secure, standard storage protocol. About this task Without CHAP authentication, any host that is connected to the same IP network as the system iSCSI ports can read from and write to the system. If your system is on a public network, it is strongly recommended that you use CHAP authentication. NOTE: If you plan to use CHAP authentication, you must set up and enable CHAP authentication before preparing volumes to receive data. If you prepare drives to receive data before you set up and enable CHAP authentication, you could lose access to the volumes. For more information about CHAP authentication, including the benefits that it provides and details about implementation types, see the context-sensitive help entry in PowerStore Manager. For in-depth information about how this feature works, see the PowerStore Security Configuration Guide. Steps 1. Select the Settings icon, and then select CHAP in the Security section. 2. Enable CHAP authentication. Additional configuration details are displayed. 3. Select the type of CHAP implementation to use and click Apply. Configure external SSH access About this task To determine the status of SSH on appliances within a cluster, in the PowerStore Manager, click Settings and under Security select SSH Management. NOTE: For maximum appliance security, leave the external SSH service interface disabled unless it is needed to perform service operations on the appliance. After performing the necessary service operations, disable the SSH interface to ensure that the appliance remains secure. For more information about SSH access, see the context-sensitive help entry for this feature. For in-depth information about how this feature works, see the PowerStore Security Configuration Guide. Steps 1. Select the Settings icon, and then select SSH Management in the Security section. 2. Select the appliance or appliances on which to enable SSH. 3. Click Enable SSH. Next steps Once the SSH service has been successfully enabled, use any SSH client to log in to the appliance IP address. Accessing the appliance requires service user credentials. The service account enables users to perform the following functions: ● Perform specialized appliance service scripts for monitoring and troubleshooting appliance system settings and operations. ● Operate only a limited set of commands that are assigned as a member of a nonprivileged Linux user account in restricted shell mode. This account does not have access to proprietary system files, configuration files, or user or customer data. To disable SSH access, follow the same procedure, but click Disable SSH instead. 3

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
Configure CHAP authentication
Challenge Handshake Authentication Protocol (CHAP) authenticates iSCSI initiators (hosts) and targets (volumes and
snapshots) to expose iSCSI storage while ensuring a secure, standard storage protocol.
About this task
Without CHAP authentication, any host that is connected to the same IP network as the system iSCSI ports can read from and
write to the system. If your system is on a public network, it is strongly recommended that you use CHAP authentication.
NOTE:
If you plan to use CHAP authentication, you must set up and enable CHAP authentication before preparing volumes
to receive data. If you prepare drives to receive data before you set up and enable CHAP authentication, you could lose
access to the volumes.
For more information about CHAP authentication, including the benefits that it provides and details about implementation types,
see the context-sensitive help entry in PowerStore Manager.
For in-depth information about how this feature works, see the
PowerStore Security Configuration Guide
.
Steps
1.
Select the
Settings
icon, and then select
CHAP
in the
Security
section.
2.
Enable CHAP authentication.
Additional configuration details are displayed.
3.
Select the type of CHAP implementation to use and click
Apply
.
Configure external SSH access
About this task
To determine the status of SSH on appliances within a cluster, in the PowerStore Manager, click
Settings
and under
Security
select
SSH Management
.
NOTE:
For maximum appliance security, leave the external SSH service interface disabled unless it is needed to perform
service operations on the appliance. After performing the necessary service operations, disable the SSH interface to ensure
that the appliance remains secure.
For more information about SSH access, see the context-sensitive help entry for this feature. For in-depth information about
how this feature works, see the
PowerStore Security Configuration Guide
.
Steps
1.
Select the
Settings
icon, and then select
SSH Management
in the
Security
section.
2.
Select the appliance or appliances on which to enable SSH.
3.
Click
Enable SSH
.
Next steps
Once the SSH service has been successfully enabled, use any SSH client to log in to the appliance IP address. Accessing the
appliance requires service user credentials.
The service account enables users to perform the following functions:
Perform specialized appliance service scripts for monitoring and troubleshooting appliance system settings and operations.
Operate only a limited set of commands that are assigned as a member of a nonprivileged Linux user account in restricted
shell mode. This account does not have access to proprietary system files, configuration files, or user or customer data.
To disable SSH access, follow the same procedure, but click
Disable SSH
instead.
3