Generating a host key pair, Enabling ssh access using trusted hosts – Sun Microsystems FIRE V40Z User Manual

Chapter 4

Further Management Information


# access add public key -l PUBLIC_KEY_FILE [-u user]

The public key file is your RSA or DSA key. Up to 10 users can install public keys;
only one key per user is allowed.

Admin-level users can only add their own public key. Manager-level users can add a
public key for any local user. If the user is not specified in the command, the current
user is the default.

Note – The maximum supported key length is 4096 bits.
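A pre-upload check for the limits stated above (RSA or DSA key, at most 4096 bits), added here as an example and not taken from the manual. It parses the standard OpenSSH public key line format; the function names and the dummy sample key are constructed for illustration.

```python
import base64
import struct

MAX_BITS = 4096                    # limit stated in the manual's note
ALLOWED = {"ssh-rsa", "ssh-dss"}   # RSA or DSA, per the manual

def _read_string(blob, offset):
    """Read one length-prefixed field: uint32 big-endian length, then the bytes."""
    if offset + 4 > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    end = offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

def check_public_key(line):
    """Return (key_type, bits) for one public key line, or raise ValueError."""
    fields = line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)  # bad base64 -> ValueError
    name, off = _read_string(blob, 0)
    key_type = name.decode("ascii", "replace")
    # The type inside the blob must match the text label and be RSA or DSA.
    if key_type != fields[0] or key_type not in ALLOWED:
        raise ValueError("unsupported or mismatched key type: " + fields[0])
    # ssh-rsa blob holds e then n (size = modulus n); ssh-dss holds p first (size = p).
    size_field, off = _read_string(blob, off)
    if key_type == "ssh-rsa":
        size_field, off = _read_string(blob, off)
    bits = int.from_bytes(size_field, "big").bit_length()
    if bits > MAX_BITS:
        raise ValueError("key is %d bits; maximum supported is %d" % (bits, MAX_BITS))
    return key_type, bits

def _mpint(n):
    """Encode a positive integer as a length-prefixed multi-precision integer."""
    raw = n.to_bytes(n.bit_length() // 8 + 1, "big")  # spare byte keeps it positive
    return struct.pack(">I", len(raw)) + raw

def make_sample_rsa_line(bits):
    """Constructed sample: well-formed ssh-rsa line with a dummy modulus, not a usable key."""
    blob = struct.pack(">I", 7) + b"ssh-rsa" + _mpint(65537) + _mpint((1 << (bits - 1)) | 1)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed@example"

if __name__ == "__main__":
    print(check_public_key(make_sample_rsa_line(2048)))
```

To check a real key, pass the single line read from the public key file to check_public_key().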

Generating a Host Key Pair

To establish a trusted host relationship, you must set up a host key, which is used to
authenticate one host to another. Follow these steps to generate the host key pair; the
public key is then copied to the SP to which you want passwordless access:

1. Execute the following command:

# ssh-keygen -t rsa -N ""

2. Accept the default values, installing to the following directory:

$HOME/.ssh/id_rsa

The following files are created:

$HOME/.ssh/id_rsa

$HOME/.ssh/id_rsa.pub

Enabling SSH Access Using Trusted Hosts

Follow these steps to add users to the local /etc/passwd file to attempt trusted host
access to the Service Processor:

1. Set up your host keys by executing the following command:

# ssh-host-config

2. Enable access for clients by launching a Bash shell.

If you want all network accounts added, execute mkpasswd >> /etc/passwd.

If you want just local accounts added, execute mkpasswd -l >> /etc/passwd.

3. Issue the following commands as a manager-level user on the client to establish a
trusted host relationship (manager1 is used in the example in this step):

a. Copy the client key to /tmp on the SP.

# scp /etc/ssh_host_dsa_key.pub manager1@sp.test.com:/tmp
