Go to main content

Oracle® ILOM Administrator's Guide for Configuration and Maintenance Firmware Release 3.2.x

Exit Print View

Updated: April 2018
 
 

CLI Authentication Using Local User SSH Key

As an alternative to using a standard user password, system administrators can associate a generated public SSH key file with a user account to gain access to the Oracle ILOM CLI over a secure shell. By associating a generated public SSH key file with an Oracle ILOM account, automated scripts can execute SP commands securely in Oracle ILOM without manual intervention, or the need to embed a cleartext password.

Prior to appending a public SSH key file to an Oracle ILOM user account, you must first generate the private and public key pair using an SSH connectivity tool, like ssh-keygen, and store the generated SSH key files on a remote SSH system.


Note -  The maximum SSH key size for RSA is 8192 bits. The SSH key size for DSA must be 1024 bits.

To upload and append a generated user public SSH key file to an Oracle ILOM user account, or to remove a user public SSH key file from an Oracle ILOM user account, see the following table.

Table 12  Adding or Removing Public SSH Key File per Local User Account  
User Interface Configurable Target:
  • CLI: /SP|CMM/users

  • Web: ILOM Administration > User Management > User Accounts > SSH Key

  • User Role: Read-only (o) for personal SSH key, User Management (u) for other user SSH key

Property
Description
Key Upload - File Transfer Options
(set load_uri=)
Browser|TFTP|SFTP|SCP|HTTP|HTTPS|Paste
For a description of each file transfer method, see Figure 14, Table 14, File Transfer Methods .
Add SSH Key
(/ssh/keys/1)
CLI Add SSH Key Syntax:
set /SP/users/user_account_name/ssh/keys/1 load_uri=transfer_method://username:password@ipaddress_or_hostname/directorypath/filename
Example:
set /SP/users/adminuser/ssh/keys/1 load_uri=scp://adminuser:userpswd@198.51.100.4/keys/sshkey_1.pub

Note -  The maximum SSH key size for RSA is 8192 bits. The SSH key size for DSA must be 1024 bits.

Delete SSH Key
(clear action=true)
CLI Delete SSH Key Syntax:
set /SP|CMM/users/user_account_name/ssh/keys/1 clear_action=true
Type y to clear public SSH Key or type n to cancel operation.
Save
Web interface only. To apply changes made to properties within the SSH Key dialog, you must click Save.