Remote administration settings overview, Remote administration settings sections, 130 viewing the grant a credential section – HP Secure Key Manager User Manual

Figure 130 Viewing the Grant a Credential section

The following table describes the components of the Grant a Credential section.

Table 110 Grant a Credential section components

Component

Description

Grant to

Enter the name of the administrator to whom you grant your credentials.

Duration (in

minutes)

Enter the length of duration. This duration cannot be longer than the Maximum

Duration for Time-Limited Credentials established in the Multiple Credentials for Key

Administration section.

Allowed Operations Select the specific operations for which you are granting your credentials. You may

only grant credentials for those operations listed here.

Grant

Click Grant to execute the credential grant.

Remote Administration Settings overview

You can administer the SKM locally and remotely. Local administration involves logging into the

SKM from a machine that is physically connected to the device via a null modem cable. Remote

administration involves logging into the SKM from the Management Console or an SSH session. The

Remote Administration Settings, which are first specified during initial configuration, determine the IP

addresses and ports that are used to administer the SKM.
The Web Admin User Authentication feature provides an additional security safeguard against

unauthorized configuration of the SKM. When this feature is enabled, administrators are asked for

a Client Certificate when they attempt to log in to the SKM. After presenting a client certificate,

administrators can only log in to the SKM with a username that matches the common name field

on the client certificate. For example, if the common name of the client certificate is admin, then the

administrator can only log in as admin.
From the Remote Administrations Settings page, you can also recreate the Web Administration Certificate

and the SSH Key used by the SKM. The Remote Admin Certificate is a self–signed certificate created

during initial configuration that can be used to verify that the hostname in the certificate matches the

hostname of the machine being logged into. Because the certificate is only presented to people logging

into the Management Console, there is no reason to have the certificate signed by a Certificate Authority.
The SSH Key is used to generate a session key that is used for encryption and decryption operations

while you are logged into the SKM.

Remote Administration Settings sections

The Administrator Configuration page enables to configure remote administration. This page contains the

following remote administration-related section:

• Remote Administration Settings

Secure Key Manager

215