Using SSH with CMCSSH is a command line session that includes the same capabilities as a Telnet session, but with session negotiation and encryption toimprove security. CMC supports SSH version 2 with password authentication. SSH is enabled on the CMC by default.NOTE: CMC does not support SSH version 1.When an error occurs during the CMC login, the SSH client issues an error message. The message text is dependent on the clientand is not controlled by CMC. Review the RACLog messages to determine the cause of the failure.NOTE: OpenSSH must be run from a VT100 or ANSI terminal emulator on Windows. You can also run OpenSSH usingPutty.exe. Running OpenSSH at the Windows command prompt does not provide full functionality (that is, some keys donot respond and no graphics are displayed). On servers that run Linux, run SSH client services to connect to CMC withany shell.Four simultaneous SSH sessions are supported at a time. The session timeout is controlled by the cfgSsnMgtSshIdleTimeoutproperty. For more information about the RACADM commands, see the Dell Chassis Management Controller for PowerEdge FX2/FX2s RACADM Command Line Reference Guide available at dell.com/support/Manuals.CMC also supports Public Key Authentication (PKA) over SSH. This authentication method improves SSH scripting automation byremoving the need to embed or prompt for user ID/password.SSH is enabled by default. If SSH is disabled, then you can enable it using any other supported interface.Supported SSH cryptography schemesTo communicate with CMC using SSH protocol, it supports multiple cryptography schemes listed in the following table.Table 16. Cryptography SchemesScheme Type SchemeAsymmetric Cryptography Diffie-Hellman DSA/DSS 512–1024 (random) bits per NIST specificationSymmetric Cryptography • AES256-CBC• RIJNDAEL256-CBC• AES192-CBC• RIJNDAEL192-CBC• AES128-CBC• RIJNDAEL128-CBC• BLOWFISH-128-CBC• 3DES-192-CBC• ARCFOUR-128Message Integrity • HMAC-SHA1-160• HMAC-SHA1-96• HMAC-MD5-128• HMAC-MD5-96Authentication PasswordConfigure public key authentication over SSHYou can configure up to six public keys that can be used with the service username over an SSH interface. Before adding or deletingpublic keys, make sure to use the view command to see what keys are already set up, so that a key is not accidentally overwrittenor deleted. The service username is a special user account that can be used when accessing the CMC through SSH. When the PKAover SSH is set up and used correctly, you need not enter username or passwords to log in to the CMC. This can be very useful toset up automated scripts to perform various functions.110