Add trusted host – HP Onboard Administrator User Manual

Page 79

Advertising
background image

Enclosure network configuration commands 79

Name

Description

Privacy passphrase

Privacy passphrase used to encrypt operations. This

entry must be at least eight characters in length. If not
specified, the authorization passphrase is used.

noAuthNoPriv|authN

oPriv|authPriv

Only applies to local users. A minimal level of security is

required for operation. By default, the operation is

required to be signed but not encrypted (authNoPriv).

noAuthNoPriv—Allows unauthenticated operations

authNoPriv—Requires authentication

authPriv—Required encryption

ENGINEID

Sets the engine ID for the user account. If set, the engine

ID must be a series of hexadecimal characters, up to 32
bytes or 64 characters in length. This parameter is used
for creating remote accounts used with INFORM

messages.

RW

Specifies that this user has read/write access to the OID

tree. If not specified, the user has read-only access.

ADD TRUSTED HOST

Command:
ADD TRUSTED HOST <ip address>

Description:
Adds a new IPv4 or IPv6 address to the list of addresses being handled by the IP Security feature.

Access level /Bay level:
OA administrator, OA operator

Restrictions:

o

You can add a maximum of five IP addresses to the IP Manager.

o

When specifying an IPv6 address, do not specify the prefix length.

NOTE:

RFC 4941 describes an extension to IPv6 SLAAC that allows for generation of

global-scope temporary IPv6 addresses using interface identifiers that change over time. When
an OS that supports RFC 4941 reboots or the current address expires, a new temporary IPv6

address is generated. Windows 7 is an example of an OS that supports RFC 4941.

CAUTION:

RFC 4941 describes an IPv6 SLAAC extension that allows for generation of

global-scope temporary IPv6 addresses using interface identifiers that change over time. When

an OS that supports RFC 4941 reboots or the current address expires, a new temporary IPv6

address is generated. Windows 7 is an example of an OS that supports RFC 4941.
With trusted hosts enabled, if you are accessing the Onboard Administrator from a client hosted

on an OS with RFC 4941 support, a reboot of the client OS can result in the inability to reconnect

to the Onboard Administrator. The connection fails because the client’s new temporary IPv6

address does not match the IPv6 address configured for the client in the Trusted Addresses list. To
avoid this issue, either disable generation of global-scope temporary IPv6 addresses in the OS, or

reconfigure the Trusted Host IP address with the newly generated client IPv6 address.

Advertising
Popular Brands
Popular manuals