Generating host keys – Sun Microsystems FIRE V40Z User Manual

92

Sun Fire V20z and Sun Fire V40z Servers, Server Management Guide • May, 2004

If the login is authorized through a mapping of a directory-service group, the ssh
command is executed as the proxy user on the SP, either rmonitor, radmin or rmanager.

Support is available for SSH protocol version 2 key types (RSA or DSA) only.

If DNS is enabled on the SP, the client machine must be specified with its DNS name,
(and not the IP address).

Generating Host Keys

The host’s ssh install should generate the host keys. If it does not, follow these steps
to manually generate the key pair:

1. Enter the following command:

ssh-keygen -q -t rsa -f rsa_key -C '' -N ''

2. Copy rsa_key to /etc/ssh/ssh_host_rsa_key.

3. Ensure that only root has read or write permission to this file. The rsa_key.pub

file is the file you will transfer to the SP.

Note –

Only protocol version 2 key types and 1024 bit key sizes (the default

generated by ssh-keygen) are supported.

4. Copy the host’s public key (the rsa_key.pub file) to the SP using scp (secure

copy) or by copying the host key to an external file system that has been mounted
on the SP.

Note –

Use scp to copy the files to either /tmp or to your home directory. The sp

commands will then install the file specified on the command line to /pstore.

Note –

If DNS is enabled on the SP, you must specify the client that is used in the

trust commands with its DNS name (and not the IP address).