CLI Authentication Using Local User SSH Key
As an alternative to using a standard user password, system administrators can associate a generated public SSH key file with a user account to gain access to the Oracle ILOM CLI over a secure shell. By associating a generated public SSH key file with an Oracle ILOM account, automated scripts can execute SP commands securely in Oracle ILOM without manual intervention, or the need to embed a cleartext password.
Prior to appending a public SSH key file to an Oracle ILOM user account, you must first generate the private and public key pair using an SSH connectivity tool, like ssh-keygen, and store the generated SSH key files on a remote SSH system.
Note:
The maximum SSH key size for RSA is 8192 bits.To upload and append a generated user public SSH key file to an Oracle ILOM user account, or to remove a user public SSH key file from an Oracle ILOM user account, see the following table.
Table 3-5 Adding or Removing Public SSH Key File per Local User Account
User Interface Configurable
Target:
|
|
---|---|
Property | Description |
Key Upload - File Transfer Options ( |
Browser|TFTP|SFTP|SCP|HTTP|HTTPS|Paste For a description of each file transfer method, see File Transfer Methods . |
Add SSH Key
|
CLI Add SSH Key Syntax: set /SP/users/ user_account_name /ssh/keys/1 load_uri= transfer_method://username:password@ipaddress_or_hostname/directorypath/filename Example: set /SP/users/adminuser/ssh/keys/1 load_uri=scp://adminuser:userpswd@198.51.100.4/keys/sshkey_1.pub Note: The maximum SSH key size for RSA is 8192 bits. |
Delete SSH Key (clear action=true) |
CLI Delete SSH Key Syntax: set /SP/users/user_account_name/ssh/keys/1 clear_action=true Type y to clear public SSH Key or type n to cancel operation. |
Save |
Web interface only. To apply changes made to properties within the SSH Key dialog, you must click Save. |