HP StorageWorks 4/64 Brocade Fabric OS Command Reference Guide v6.1.0 (53-1000 - Page 644
can only be performed by a con d user. Deletion of a con d user's
View all HP StorageWorks 4/64 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 644 highlights
2 sshUtil genkey prompts for user input on the following parameters: passphrase Accepts a string of arbitrary length. This operand is optional, but creating a pass-phrase is strongly recommended. Good pass phrases are 10-30 characters long, are not simple sentences or otherwise easily guessable and contain a mix of upper and lowercase letters, numbers, and non-alphanumeric characters. There is no way to recover a lost pass phrase. If the pass phrase is lost or forgotten, a new key must be generated and copied to the corresponding public key to other machines. exportpubkey Exports the public key from the switch to a specified remote host to support outgoing connections from the switch to a remote host. This option can only be performed by a configured user. The successfully exported public key must be appended to the authorized_keys file on the remote host. Use the cat ~/.ssh/outgoing.pub >> ~/.ssh/authorized_keys command to append the file. exportpubkey prompts for IP Address, remote directory, login name and password. Refer to importpubkey for a description of these parameters. delprivkey Deletes the private key for outgoing connection from the switch. This option can only be performed by a configured user. Deletion of a configured user's private keys effectively blocks outgoing connections initiated by this user that rely on public key authentication with a remote host. help Displays command usage. Examples To configure a user for public key authentication: switch:admin> sshutil allowuser username Allowed user has been successfully changed to username. To display the configured user: switch:username> sshutil showuser username To set up SSH public key authentication on a switch for incoming connections: 1. Generate a private/public key pair on a remote host (accept default directory and file name): username@remotehost> ssh-keygen -t dsa Generating public/private dsa key pair. Enter file in which to save the key (/users/home/username/.ssh/id_dsa): Enter passphrase (empty for no passphrase):passphrase Enter same passphrase again: passphrase Your identification has been saved in /users/home/username/.ssh/id_dsa. Your public key has been saved in /users/home/username/.ssh/id_dsa.pub. The key fingerprint is: 3 0:9f:ae:b6:7f:7e:55:e4:b2:7a:51:f0:95:44:5c:d1 username@host 2. Import the public key from the remote host to the local switch: switch:username> sshutil importpubkey Enter IP address:Remote host IP Address Enter remote directory: ~username/.ssh Enter public key name(must have .pub suffix):id_dsa.pub Enter login name:username 618 Fabric OS Command Reference 53-1000599-02