HP 3PAR StoreServ 7400 2-node HP 3PAR Command Line Interface Administrator& - Page 55
HP 3PAR Common Criteria, Administrator's Reference, ssh-keygen, the password
View all HP 3PAR StoreServ 7400 2-node manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 55 highlights
CAUTION: For security purposes, the file containing the private key must be protected from unauthorized access. Failure to protect the file can cause the key to be compromised. CAUTION: If the system is operating in Common Criteria mode, LDAP users must not use a public key. For more information about Common Criteria, see the HP 3PAR Common Criteria Administrator's Reference. • The public key must be stored on the system using the setsshkey command to enable users to log in without a password. • The private key must be kept in a file accessible by scripts that use CLI commands. The key pair is generated by using the ssh-keygen utility (typically included in an SSH client software package and available on UNIX and Windows platforms). NOTE: The following screen examples show output for UNIX systems. Windows screens are simlar, with DOS prompts replacing UNIX prompts. The following steps describe setting up CLI scripting through SSH: 1. Create a CLI user and password using the createuser command. $ssh user1@system1 3paradm's password: ****** system1 cli% createuser -c testpw3 user3 all browse User created In the previous example, user user1 logs into system system1 and creates user user3 with the password testpw3. 2. Create a key pair using the ssh-keygen utility. Both rsa and dsa key formats are supported by the system, and the recommended key length is at least 1024 characters. NOTE: For additional information about the ssh-keygen utility and rsa and dsa key formats, consult the SSH client documentation. To create a key pair using rsa format: $ ssh-keygen -b 1024 -t rsa To create a key pair using dsa format: $ ssh-keygen -b 1024 -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/home/usr/user3/.ssh/id_dsa): Created directory '/home/usr/user3/.ssh'. Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in /home/usr/user3/.ssh/id_dsa. Your public key has been saved in /home/usr/user3/.ssh/id_dsa.pub. The key fingerprint is: 3f:a0:b5:6a:4d:dd:45:76:37:fb:a3:3e:52:44:55:32 [email protected] SSH 55