Importing an ssh key, Supported ssh features – HP Lights-Out 100 Remote Management User Manual
Page 13
Using Integrated Lights-Out 100 13
Lights-Out 100 remote management processor can support simultaneous access from two SSH clients.
After SSH is connected and authenticated, the command line interface is available.
Before using SSH for the first time, perform the one-time setup procedure detailed in the "Importing an
SSH key (on page
The remote management processor supports:
•
SSH protocol version 2.
•
PuTTY 0.54, which is a free version of telnet and SSH protocol available for download on the
Internet. When using PuTTY, versions before 0.54 might display two line feeds instead on a single
line feed, when the Enter key is pressed. To avoid this issue and for best results, HP recommends
using version 0.54 or later.
•
OpenSSH, which is a free version of the SSH protocol available for download on the Internet.
NOTE: Logging in to an SSH session could take up to 90 seconds. Depending on the client used, you might
not see on-screen activity during this time.
Importing an SSH key
Before using the SSH features of the Lights-Out 100 remote management processor, a public key must be
created and installed on the Lights-Out 100. The public key must be generated using external 3rd-party
software, placed on a TFTP server and uploaded to the Lights-Out 100 using a sequence of commands.
Lights-Out 100 requires a 1028-bit DSA key stored in PEM (base 64 encoded) format to be located on a
TFTP server. For example, the SSHWindows package downloaded from the OpenSSH website
e key on a Windows® client.
Download the program SetupSSH.exe to the server, execute the file, and follow the on-screen instruction
to complete the installation.
1.
Use the following command in a DOS (command) window to generate a 1028-bit DSA key:
ssh-keygen -b 1028 -t dsa -f sshkey
This command will create two files in the current directory, a private key file (sshkey) and a public
key file (sshkey.pub).
2.
Place the private key file sshkey on a TFTP server for upload to the Lights-Out 100 management
processor.
3.
Login to the Lights-Out 100, through the CLP interface using the admin username, change to the
/./map1/firmware directory, and execute the following command from the command line:
load -source <URI> -oemhpfileType key
•
<URI>—//tftpserver IP/path/filename to be downloaded
•
tftpserver—the URL or IP address of the TFTP server containing the keyfile
•
filename—the file name of the key file.
Supported SSH features
The management processor only supports version 2, SSH-2, of the protocol. The different algorithms
supported are:
Feature
Encryption
DES, 3DES, AES
Hashing algorithms
SHA1, SHA1-96
Key based
authentication
DSA public key