Console Server & Router User Manual
293
Your public key has been saved in
/home/user/.ssh/id_[rsa|dsa].pub.
The key fingerprint is:
28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server
$
It is advisable to create a new directory to store your generated keys. It is also possible to name the files after the device
they will be used for. For example:
$ mkdir keys
$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
/home/user/keys/control_room
Enter
passphrase
(empty for no passphrase):
Enter same
passphrase
again:
Your identification has been saved in
/home/user/keys/control_room
Your public key has been saved in
/home/user/keys/control_room.pub
.
The key fingerprint is:
28:aa:29:38:ba:40:f4:11:5e:3f:d4:fa:e5:36:14:d6 user@server
$
You should ensure there is no password associated with the keys. If there is a password, then the
console servers
will
have no way to supply it as runtime.
Authorized Keys:
If the
console server
selected to be the server will only have one client device, then the
authorized_keys
file is simply a
copy of the public key for that device. If one or more devices will be clients of the server, then the
authorized_keys
file will
contain a copy of all of the public keys. RSA and DSA keys may be freely mixed in the
authorized_keys
file.
For example, assume we already have one server, called
bridge_server
, and two sets of keys, for the
control_room
and
the
plant_entrance
:
$ ls /home/user/keys
control_room control_room.pub plant_entrance plant_entrance.pub
$ cat /home/user/keys/control_room.pub
/home/user/keys/plant_entrance.pub >
/home/user/keys/authorized_keys_bridge_server
Uploading Keys:
The keys for the server can be uploaded through the web interface, on the
System: Administration
page as detailed
earlier. If only one client will be connecting, then simply upload the appropriate public key as the authorized keys file.
Otherwise, upload the authorized keys file constructed in the previous step.
Each client will then need it's own set of keys uploaded through the same page. Take care to ensure that the correct type
of keys (DSA or RSA) go in the correct spots, and that the public and private keys are in the correct spot.
15.6.8 SDT Connector Public Key Authentication
SDT Connector can authenticate against a
console server
using your SSH key pair rather than requiring your to enter
your password (i.e. public key authentication).
To use public key authentication with SDT Connector, first you must first create an RSA or DSA key pair (using
ssh-
keygen, PuTTYgen
or a similar tool) and add the public part of your SSH key pair to the
console server
– as described
in the earlier section.
Next, add the private part of your SSH key pair (this file is typically named
id_rsa
or
id_dsa
) to SDT Connector client.
Click
Edit: Preferences: Private Keys: Add
, locate the private key file and click
OK
. You do not have to add the
public part of your SSH key pair, it is calculated using the private key.
Summary of Contents for ACM5000
Page 3: ......
Page 10: ...Table of Contents 10 Console Server RIM Gateway User Manual...
Page 11: ......
Page 94: ...Chapter 5 Firewall Failover and Out of Band 94 Console Server RIM Gateway User Manual...
Page 119: ......
Page 149: ......
Page 191: ......
Page 205: ......
Page 225: ......
Page 303: ......
Page 313: ......
Page 323: ......