Authorizing – HP Integrated Lights-Out 4 User Manual

Z/axobbrHCj/2s66VA/554chkVimJT2IDRRKVkcV8OVC3nb4ckpfFEZvKkAWYaiF
DLqRbHhh4qyRBIfBKQpvvhDj1aecdFbaO2UvZltMir4n8/E0hh19nfi3tjXAtSTV
---- END SSH2 PUBLIC KEY ----

•

OpenSSH key format—These keys must be one line only.

ssh-dss
AAAAB3NzaC1kc3MAAACAYjEd8Rk8HLCLqDIlI+RkA1UXjVS28hNSk8YDljTaJpw1VOlBirrLGPdSt0avNSz0DNQuU7gTPfjj/8c
XyHe3y95Oa3Rics1fARyLiNFGqFjr7w2ByQuoYUaXBzzghIYMQcmpc/W/kDMC0dVOf2XnfcLpcVDIm3ahVPRkxFV9WKkAAAAVAI
3J61F+oVKrbNovhoHh8pFfUa9LAAAAgA8pU5/M9F0s5QxqkEWPD6+FVz9cZ0GfwIbiuAI/9ARsizkbwRtpAlxAp6eDZKFvj3ZIy
NjcQODeYYqOvVU45AkSkLBMGjpF05cVtnWEGEvrW7mAvtG2zwMEDFSREw/V526/jR9TKzSNXTH/wqRtTc/oLotHeyV2jFZFGpxD
OvNWAAAAgFf6pvWaco3CDELmH0jT3yUkRSaDztpqtoo4D7ev7VrNPPjnKKKmpzHPmAKRxz3g5S80SfWSnWM3n/pekBa9QI9lH1r
3Lx4JoOVwTpkbwb0by4eZ2cqDw20KQ0A5J84iQE9TbPNecJ0HJtZH/K8YnFNwwYy2NSJyjLwA0TSmQEOW Administrator

•

iLO legacy format—These are OpenSSH keys surrounded by the BEGIN/END headers needed
for RIBCL. This format must be one line between the BEGIN SSH KEY and END SSH KEY text.

-----BEGIN SSH KEY-----
ssh-dss
AAAAB3NzaC1kc3MAAACBANA45qXo9cM1asav6ApuCREt1UvP7qcMbw+sTDrx9lV22XvonwijdFiOM/0VvuzVhM9oKdGMC7sCGQr
FV3zWDMJcIb5ZdYQSDt44X6bvlsQcAR0wNGBN9zHL6YsbXvNAsXN7uBM7jXwHwrApWVuGAI0QnwUYvN/dsE8fbEYtGZCRAAAAFQ
DofA47q8pIRdr6epnJXSNrwJRvaQAAAIBY7MKa2uH82I0KKYTbNMi0o5mOqmqy+tg5s9GC+HvvYy/S7agpIdfJzqkpHF5EPhm0j
KzzVxmsanO+pjju7lrE3xUxojevlokTERSCM xLa+OVVbNcgTe0xpvc/cF6ZvsHs0UWz6gXIMCQ9Pk118VMOw/tyLp42YXOaLZzG
fi5pKAAAAIEAl7FsO7sDbPj02a5jO3qFXa762lWvu5iPRZ9cEt5WJEYwMO/ICaJVDWVOpqF9spoNb53Wl1pUARJg1ss8Ruy7YBv
8Z1urWWAF3fYy7R/SlQqrsRYDPLM5eBkkLO28B8C6++HjLuc+hBvj90tsqeNVhpCfO9qrjYomYwnDC4m1IT4= ASmith
-----END SSH KEY-----

Note the following when working with SSH keys:

•

The previously listed sample formats are supported with the iLO web interface and the CLI.
Only the iLO legacy format is supported with RIBCL scripts.

•

Any SSH connection authenticated through the corresponding private key is authenticated as
the owner of the key and has the same privileges.

•

The iLO firmware provides storage to accommodate SSH keys that have a length of 1366
bytes or less. If the key is larger than 1366 bytes, the authorization might fail. If this occurs,
use the SSH client software to generate a shorter key.

•

If you use the iLO web interface to enter the public key, you select the user associated with
the public key. If you use the CLI to enter the public key, the public key is linked to the user
name that you entered to log in to iLO. If you use HPQLOCFG to enter the public key, you
append the iLO user name to the public key data. The public key is stored with that user name.

Authorizing a new key by using the iLO web interface

1.

Generate a 2,048-bit DSA or RSA SSH key by using ssh-keygen, puttygen.exe, or
another SSH key utility.

2.

Create the key.pub file.

3.

Navigate to the Administration

→Security page.

4.

Click the Secure Shell Key tab, as shown in

Figure 27 (page 66)

.

Configuring iLO security

65