Configuring SSH Unknown and Changed Host Key Policies

This section provides the procedure for changing SSH policies for changed and unknown host keys.

To Change SSH Policies

Steps

1. Log in as root to the N1 System Manager management server.

2. Stop N1 System Manager.

   • On a Solaris management server, type svcadm disable n1sm.

   • On a Linux management server, type /etc/init.d/n1sminit stop.

   Wait for all N1 System Manager processes to stop.

3. Change the management IP address policies as follows:

   • Unknown host keys:

     • To accept unknown host keys, type n1smconfig -ssh_unk_man_ip=y.

     • To reject unknown host keys, type n1smconfig -ssh_unk_man_ip=n.

   • Changed host keys:

     • To accept changed host keys, type n1smconfig -ssh_cha_man_ip=y.

     • To reject changed host keys, type n1smconfig -ssh_cha_man_ip=n.

4. Change the platform IP address policies as follows:

   • Unknown host keys:

     • To accept unknown host keys, type n1smconfig -ssh_unk_pla_ip=y.

     • To reject unknown host keys, type n1smconfig -ssh_unk_pla_ip=y.

   • Changed host keys:

     • To accept changed host keys, type n1smconfig -ssh_cha_pla_ip=y.

     • To reject changed host keys, type n1smconfig -ssh_cha_pla_ip=y.

5. Start N1 System Manager.

   • On a Solaris management server, type svcadm enablee n1sm.

   • On a Linux management server, type /etc/init.d/n1sminit start.