1. Oracle ILOM Security Guide For Firmware Release 5.0.x
  2. Oracle ILOM Deployment Practices for Increasing Security
  3. Configuring Oracle ILOM Interfaces for Increased Security
  4. Configure the CLI for Increased Security
  5. Use Server Side Keys to Encrypt SSH Connections

Use Server Side Keys to Encrypt SSH Connections

Oracle ILOM provides a Secure Shell (SSH) server capability, allowing remote clients to securely connect and manage Oracle ILOM through a command-line interface. The SSH protocol uses server-side keys to encrypt the management channel and secure all communication. SSH clients also use these keys to verify the authenticity of the SSH server.

Oracle ILOM generates a set of unique SSH keys on the first boot of a factory default system. In the event that new server-side keys are needed, Oracle ILOM supports the ability to manually generate additional SSH server-side keys.

Note:

Support for DSA Keys was removed in Oracle ILOM as of firmware version 5.0.0.

To view or manually generate SSH server-side encryption keys, see the following web-based instructions.

Before You Begin

  • The Admin (a) is required to modify the SSH server properties.
  1. In the Oracle ILOM web Interface, click ILOM Administration -> Management Access-> SSH Server.
  2. In the SSH Server page, do one of the following:
    • Review the generated RSA information
    • Click Generate RSA Key to generate a new key.
  3. To apply and use a newly generated SSH key, click Restart to restart the SSH server.

    All active Oracle ILOM command-line sessions using SSH are immediately terminated during an SSH server restart.

Related Information