CLI Authentication
Using Local User SSH Key
As an alternative to using a standard user password, system
administrators can associate a generated public SSH key file with
a user account to gain access to the Oracle ILOM CLI over a secure
shell. By associating a generated public SSH key file with an Oracle
ILOM account, automated scripts can execute SP commands securely in
Oracle ILOM without manual intervention, or the need to embed a
cleartext password.
Prior to appending a public SSH key file to an Oracle ILOM
user account, you must first generate the private and public key
pair using an SSH connectivity tool, like ssh-keygen, and store
the generated SSH key files on a remote SSH system.
Note -
The maximum SSH key size for RSA is 8192 bits. The SSH key size for DSA must
be 1024 bits.
To upload and append a generated user public SSH key file
to an Oracle ILOM user account, or to remove a user public SSH key
file from an Oracle ILOM user account, see the following table.
Table 12 Adding or Removing Public SSH Key File per Local User Account
|
|
|
Key Upload - File Transfer
Options
(set load_uri=) |
Browser|TFTP|SFTP|SCP|HTTP|HTTPS|Paste
|
Add SSH Key
(/ssh/keys/1) |
CLI
Add SSH Key Syntax:
set /SP/users/user_account_name/ssh/keys/1 load_uri=transfer_method://username:password@ipaddress_or_hostname/directorypath/filename
Example:
set /SP/users/adminuser/ssh/keys/1 load_uri=scp://adminuser:userpswd@198.51.100.4/keys/sshkey_1.pub
Note -
The maximum SSH key size for RSA is 8192 bits. The SSH key
size for DSA must be 1024 bits.
|
Delete SSH Key
(clear action=true) |
CLI
Delete SSH Key Syntax:
set /SP|CMM/users/user_account_name/ssh/keys/1 clear_action=true
Type y to clear public SSH Key or type n to
cancel operation. |
Save |
Web interface
only. To apply changes made to properties within the
SSH Key dialog, you must click Save. |
|