Scheme Type Scheme• RIJNDAEL192-CBC• AES128-CBC• RIJNDAEL128-CBC• BLOWFISH-128-CBC• 3DES-192-CBC• ARCFOUR-128Message Integrity • HMAC-SHA1-160• HMAC-SHA1-96• HMAC-MD5-128• HMAC-MD5-96Authentication PasswordConfigure Public Key Authentication over SSHYou can configure up to 6 public keys that can be used with the service username over SSH interface. Before adding ordeleting public keys, be sure to use the view command to see what keys are already set up so a key is not accidentallyoverwritten or deleted. The service username is a special user account that can be used when accessing the CMCthrough SSH. When the PKA over SSH is set up and used correctly, you need not enter username or passwords to log into the CMC. This can be very useful to set up automated scripts to perform various functions.NOTE: There is no GUI support for managing this feature; you can only use RACADM.When adding new public keys, ensure that the existing keys are not already at the index where the new key is added.CMC does not perform checks to ensure previous keys are deleted before a new one is added. As soon as a new key isadded, it is automatically in effect as long as the SSH interface is enabled.When using the public key comment section of the public key, remember that only the first 16 characters are utilized bythe CMC. The public key comment is used by the CMC to distinguish SSH users when using the RACADM getssninfocommand since all PKA users use the service username to log in.For example, if two public keys are set up one with comment PC1 and one with comment PC2:racadm getssninfoType User IP Address LoginDate/TimeSSH PC1 x.x.x.x 06/16/200909:00:00SSH PC2 x.x.x.x 06/16/200909:00:00For more information on the sshpkauth, see theRACADM Command Line Reference Guide for iDRAC7 and CMC.Related LinksGenerating Public Keys for WindowsGenerating Public Keys for LinuxRACADM Syntax Notes for CMCViewing Public KeysAdding Public KeysDeleting Public Keys139
