User accounts and access, User privileges, Login security – HP Integrated Lights-Out 3 User Manual

Page 46: Administering ssh keys, About ssh keys, User privileges login security

Advertising
background image

User accounts and access

iLO supports the configuration of up to 12 local user accounts. Each account can be managed
through the following features:

Privileges

Login security

You can configure iLO to use a directory to authenticate and authorize its users. This configuration
enables an unlimited number of users and easily scales to the number of iLO devices in an enterprise.
The directory also provides a central point of administration for iLO devices and users, and the
directory can enforce a stronger password policy. iLO enables you to use local users, directory
users, or both.

The following directory configuration options are available:

A directory extended with HP schema

The directory default schema

For more information about using directory authentication, see

“Directory services” (page 160)

.

User privileges

iLO allows you to control user account access to iLO features through the use of privileges. When
a user attempts to use a feature, iLO verifies that the user has the proper privilege to use that
feature.

For information about the available user account and directory group privileges, see

“Managing

iLO users by using the iLO web interface” (page 32)

.

Login security

iLO provides several login security features. After an initial failed login attempt, iLO imposes a
delay of ten seconds. Each subsequent failed attempt increases the delay by ten seconds. An
information page is displayed during each delay; this continues until a valid login occurs. This
feature helps to prevent dictionary attacks against the browser login port.

iLO saves a detailed log entry for failed login attempts. You can configure the Authentication Failure
Logging frequency on the Administration

→Access Settings page. For more information, see

“Configuring access options” (page 40)

.

Administering SSH keys

The Secure Shell Key page displays the hash of the SSH public key associated with each user.
Each user can have only one key assigned. Use this page to view, add, or delete SSH keys.

You must have the Administer User Accounts privilege to add and delete SSH keys.

About SSH keys

When you add an SSH key to iLO, you paste the SSH key file into iLO as described in

“Authorizing

a new SSH key” (page 47)

. The file must contain the user-generated public key. The iLO firmware

associates each key with the selected local user account. If a user is removed after an SSH key is
authorized for that user, the SSH key is removed.

A sample SSH key file follows:

ssh-dss AAAAB3......wHM Administrator

In this sample, ssh-dss AAAAB3.....wHM is the public key, and Administrator is a local
iLO user account.

46

Configuring iLO

Advertising
Popular Brands
Popular manuals