CLI Authentication
Using Local User SSH Key
As an alternative to using a standard user password, system
administrators can associate a generated public SSH key file with
a user account to gain access to the Oracle ILOM CLI over a secure
shell. By associating a generated public SSH key file with an Oracle
ILOM account, automated scripts can execute SP commands securely in
Oracle ILOM without manual intervention, or the need to embed a
cleartext password.
Prior to appending a public SSH key file to an Oracle ILOM
user account, you must first generate the private and public key
pair using an SSH connectivity tool, like ssh-keygen, and store
the generated SSH key files on a remote SSH system.
Note -
The maximum SSH key size for RSA is 8192 bits. The SSH key size for DSA must
be 1024 bits.
To upload and append a generated user public SSH key file
to an Oracle ILOM user account, or to remove a user public SSH key
file from an Oracle ILOM user account, see the following table.
Table 12 Adding or Removing Public SSH Key File per Local User Account
|
|
|
Key Upload - File Transfer
Options
(set load_uri=) |
Browser|TFTP|SFTP|SCP|HTTP|HTTPS|Paste
|
Add SSH Key
(/ssh/keys/1) |
CLI
Add SSH Key Syntax:
set /SP/users/user_account_name/ssh/keys/1 load_uri=transfer_method://username:password@ipaddress_or_hostname/directorypath/filename
Example:
set /SP/users/adminuser/ssh/keys/1 load_uri=scp://adminuser:userpswd@198.51.100.4/keys/sshkey_1.pub
Note -
The maximum SSH key size for RSA is 8192 bits. The SSH key
size for DSA must be 1024 bits. The supported SSH key sizes
for ECDSA are 256, 384, and 521 bits.
|
Delete SSH Key
(clear action=true) |
CLI
Delete SSH Key Syntax:
set /SP|CMM/users/user_account_name/ssh/keys/1 clear_action=true
Type y to clear public SSH Key or type n to
cancel operation. |
Save |
Web interface
only. To apply changes made to properties within the
SSH Key dialog, you must click Save. |
|