SSH PK Authentication and Auto login configuration for Chassis Management Controller

Similar documents
Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

APNIC elearning: Cryptography Basics

Cryptographic Concepts

Cryptographic Systems

Application Note. Configuring SSH on Vocality units. Software From V07_04_01. Revision v1.5

Cryptography and Network Security. Sixth Edition by William Stallings

Cryptography and Network Security

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Distributed Systems. 26. Cryptographic Systems: An Introduction. Paul Krzyzanowski. Rutgers University. Fall 2015

NETWORK SECURITY & CRYPTOGRAPHY

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Network Security Issues and Cryptography

Public Key Cryptography

IEEE Std and IEEE Std 1363a Ashley Butterworth Apple Inc.

Digital Certificates Demystified

CSC/ECE 774 Advanced Network Security

CSC 774 Network Security

The most important development from the work on public-key cryptography is the digital signature. Message authentication protects two parties who

UNIVERSITY OF CYPRUS Computer Science Department

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010

Public Key Cryptography, OpenPGP, and Enigmail. 31/5/ Geek Girls Carrffots GVA

Public Key Algorithms

Computer Security: Principles and Practice

Cryptography (Overview)

CRYPTOGRAPHY AND NETWROK SECURITY-QUESTION BANK

Key Exchange. References: Applied Cryptography, Bruce Schneier Cryptography and Network Securiy, Willian Stallings

CSCI 454/554 Computer and Network Security. Topic 5.2 Public Key Cryptography

1.264 Lecture 28. Cryptography: Asymmetric keys

Public Key Algorithms

Outline. CSCI 454/554 Computer and Network Security. Introduction. Topic 5.2 Public Key Cryptography. 1. Introduction 2. RSA

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Key Management and Distribution

Lecture III : Communication Security Mechanisms

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Introduction to Cryptography. Vasil Slavov William Jewell College

Chapter 9. Public Key Cryptography, RSA And Key Management

Outline. Public Key Cryptography. Applications of Public Key Crypto. Applications (Cont d)

Lecture 6: Overview of Public-Key Cryptography and RSA

UNIT - IV Cryptographic Hash Function 31.1

ISA 662 Internet Security Protocols. Outline. Prime Numbers (I) Beauty of Mathematics. Division (II) Division (I)

Public-Key Cryptography. Professor Yanmin Gong Week 3: Sep. 7

Cryptography and Network Security. Sixth Edition by William Stallings

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

L13. Reviews. Rocky K. C. Chang, April 10, 2015

Keywords Session key, asymmetric, digital signature, cryptosystem, encryption.

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

Authentication CHAPTER 17

CSC 474/574 Information Systems Security

Topics. Number Theory Review. Public Key Cryptography

Key Management and Elliptic Curves

CSC 474/574 Information Systems Security

KALASALINGAM UNIVERSITY

Security: Focus of Control. Authentication

Ref:

Sankalchand Patel College of Engineering, Visnagar Department of Computer Engineering & Information Technology. Question Bank

2.1 Basic Cryptography Concepts

Computer Security. 08. Cryptography Part II. Paul Krzyzanowski. Rutgers University. Spring 2018

Cryptography Application : SSH. Cyber Security & Network Security March, 2017 Dhaka, Bangladesh

Computer Security 3/23/18

PROTECTING CONVERSATIONS

POST-QUANTUM CRYPTOGRAPHY VIENNA CYBER SECURITY WEEK DR. DANIEL SLAMANIG

Simplifying Blade Server Update with Dell Repository Manager

UNCLASSIFIED INFORMATION TECHNOLOGY SECURITY GUIDANCE

Technological foundation

Deploying a New Hash Algorithm. Presented By Archana Viswanath

Acronyms. International Organization for Standardization International Telecommunication Union ITU Telecommunication Standardization Sector

PASSWORDS & ENCRYPTION

Overview. SSL Cryptography Overview CHAPTER 1

IBM i Version 7.2. Security Digital Certificate Manager IBM

Security: Focus of Control

Key Exchange. Secure Software Systems

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Chapter 3. Principles of Public-Key Cryptosystems

Chapter 9 Public Key Cryptography. WANG YANG

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Authenticating on a Ham Internet

Symmetric, Asymmetric, and One Way Technologies

CIS 4360 Secure Computer Systems Applied Cryptography

(2½ hours) Total Marks: 75

This chapter continues our overview of public-key cryptography systems (PKCSs), and begins with a description of one of the earliest and simplest

Public-key Infrastructure Options and choices

Security. Communication security. System Security

SEARCHABLE SYMMETRIC ENCRYPTION

FIPS SECURITY POLICY FOR

Most Common Security Threats (cont.)

Kurose & Ross, Chapters (5 th ed.)

(a) Symmetric model (b) Cryptography (c) Cryptanalysis (d) Steganography

ISACA CISA. ISACA CISA ( Certified Information Systems Auditor ) Download Full Version :

Key Management and Distribution

Cryptography and Network Security Chapter 10. Fourth Edition by William Stallings

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Understanding Cryptography A Textbook for Students and Practitioners by Christof Paar and Jan Pelzl. Chapter 6 Introduction to Public-Key Cryptography

WAP Security. Helsinki University of Technology S Security of Communication Protocols

Encryption. INST 346, Section 0201 April 3, 2018

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Data Security and Privacy. Topic 14: Authentication and Key Establishment

Dell SonicWALL. NSA 220, NSA 220W and NSA 240. FIPS Non-Proprietary Security Policy

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Transcription:

SSH PK Authentication and Auto login configuration for Chassis Management Controller Dell technical white paper Dell Engineering May 2016 Author: Elangovan G

Revisions Date August 2013 May 2016 Description Initial release Copyright statement updated THIS WHITE PAPER IS FOR INFORMATIONAL PURPOSES ONLY, AND MAY CONTAIN TYPOGRAPHICAL ERRORS AND TECHNICAL INACCURACIES. THE CONTENT IS PROVIDED AS IS, WITHOUT EXPRESS OR IMPLIED WARRANTIES OF ANY KIND. Copyright 2016 Dell Inc. All rights reserved. Dell and the Dell logo are trademarks of Dell Inc. in the United States and/or other jurisdictions. All other marks and names mentioned herein may be trademarks of their respective companies.

Table of contents Revisions... 2 Executive summary... 4 1 Introduction... 5 2 Generate Public and Private key using Putty Generate tool... 6 3 Uploading public key to CMC... 11 4 Configure and uploading private key to Putty... 15

Executive summary Public key cryptography, or asymmetric cryptography, is any cryptographic system that uses two kinds of keys: public keys that may be disseminated widely, while private keys are known only to the owner. In a public key encryption system, any person can encrypt a message using the public key of the receiver, but such a message can be decrypted only with the receiver's private key. For this to work it must be computationally easy for a user to generate a public and private key-pair to be used for encryption and decryption. The strength of a public key cryptography system relies on the degree of difficulty (computational impracticality) for a properly generated private key to be determined from its corresponding public key. Security then depends only on keeping the private key private, and the public key may be published without compromising security. Public key cryptography systems often rely on cryptographic algorithms based on mathematical problems that currently admit no efficient solution particularly those inherent in certain integer factorization, discrete logarithm, and elliptic curve relationships. Public key algorithms, unlike symmetric key algorithms, do not require a secure channel for the initial exchange of one (or more) secret keys between the parties. Because of the computational complexity of asymmetric encryption, it is usually used only for small blocks of data, typically the transfer of a symmetric encryption key (e.g. a session key). This symmetric key is then used to encrypt the rest of the potentially long message sequence. The symmetric encryption/decryption is based on simpler algorithms and is much faster. Message authentication involves hashing the message to produce a "digest," and encrypting the digest with the private key to produce a digital signature. Thereafter anyone can verify this signature by computing the hash of the message, decrypting the signature with the signer's public key, and comparing the computed digest with the decrypted digest. Equality between the digests confirms the message is unmodified since it was signed, and that the signer, and no one else, intentionally performed the signature operation presuming the signer's private key has remained secret. The security of such procedure depends on a hash algorithm of such quality that it is computationally impossible to alter or find a substitute message that produces the same digest - but studies have shown that even with the MD5 and SHA-1 algorithms, producing an altered or substitute message is not impossible.the current hashing standard for encryption is SHA-2. The message itself can also be used in place of the digest. Public key algorithms are fundamental security ingredients in cryptosystems, applications and protocols. They underpin various Internet standards, such as Transport Layer Security (TLS), S/MIME, PGP, and GPG. Some public key algorithms provide key distribution and secrecy (e.g., Diffie Hellman key exchange), some provide digital signatures (e.g., Digital Signature Algorithm), and some provide both (e.g., RSA). Public key cryptography finds application in, among others, the information technology security discipline. Information security (IS) is concerned with all aspects of protecting electronic information assets against security threats.[6] Public key cryptography is used as a method of assuring the confidentiality, authenticity and non-repudiability of electronic communications and data storage.

1 Introduction The system management consoles like Chassis Management Controller (CMC) and idrac providing a support for double factor authentication method for Auto login which is known as "SSH PK Authenication". This is accomplished using Public and Private keys which can be generated though client tools like "Putty Key Generator". The same Public and Private keys can be re-used across same or different platforms. This document provides step by step procedure to Setup, Configure and Use "SSH PK Authentication" for CMC. 5 SSH PK Authentication and Auto login configuration for Chassis Management Controller

2 Generate Public and Private key using Putty Generate tool To generate public and private key using the Putty Key Generator tool, perform the following steps. 1) Select Type of key to generate as SSH-2 RSA and Valid key size is 2048 and above. 2) Open Putty and click the Generate button to generate apublic and private key set. Note: SSH-2 DSA algoritham is not supported for CMC. SSH PK Authentication and Auto login configuration for Chassis Management Controller

3) Move the cursor in the blank area to generate the key set. 7 SSH PK Authentication and Auto login configuration for Chassis Management Controller

4) The public and private key are generated. SSH PK Authentication and Auto login configuration for Chassis Management Controller

5) Click the Save public key button to save the puplic key. 9 SSH PK Authentication and Auto login configuration for Chassis Management Controller

6) Save the Private key by clicking Save private key button. SSH PK Authentication and Auto login configuration for Chassis Management Controller

3 Uploading public key to CMC Login to CMC and upload the SSH PK Authentication public key, which is generated using Putty Generate tool, using the following method. 1) Login to CMC using admin credentials (the default credentials are root/calvin) 11 SSH PK Authentication and Auto login configuration for Chassis Management Controller

2) Verify the sshpk authentication command help details using the command, racadm sshpkauth. SSH PK Authentication and Auto login configuration for Chassis Management Controller

3) Verify the already uploaded public key details using the command, racadm sshpkauth -i svcacct -k all -v. 4) Upload the generated puplic key text to CMC using the command, racadm sshpkauth -i svcacct -k 1 - p 0xfff -t "sshrsa.aaaab3nzac1yc2eaaaabjqaaaiea7ki1gvltx3/jf76wjtoholkjivnzhqcrgn5sm6xk+h+edovs4m +J38hNgdumI9Ee5g3mddNSaHadHrVXjoE4OujqIK8EwjzO6umjTIS2NIC7aI8+Zo5InPjyK0Xi7Px233AQ DbN9yX+5eCU38wvvd9RR6vRNy1UWSXX5MABAgWM= rsa-key-20160419" Note: Once the key is uploaded successfully, the command output is displayed as Key successfully uploaded. Or upload the public key file using the command, racadm -r xxx.xxx.xxx.xxx -u root -p password@123 sshpkauth -i svcacct -k 1 -p 0xfff -f Putty-Public. 13 SSH PK Authentication and Auto login configuration for Chassis Management Controller

5) Verify the uploaded public key using the command, racadm sshpkauth -i svcacct -k all -v. SSH PK Authentication and Auto login configuration for Chassis Management Controller

4 Configure and uploading private key to Putty 1) Open the Putty and provide the Host Name or IP address for the CMC in the Host Name (or IP address) and Saved Sessions text boxes. 15 SSH PK Authentication and Auto login configuration for Chassis Management Controller

2) Navigate the Putty configuration to Session Terminal Window Connection Data and provide the Login details. Use the Auto-login username, service. SSH PK Authentication and Auto login configuration for Chassis Management Controller

3) Upload the Private key file by navigate Putty configuration to Session Terminal Window Connection SSH Auth and click the browse button for provide the Private key(*.ppk) file location 17 SSH PK Authentication and Auto login configuration for Chassis Management Controller

4) Navigate to Session and click the save button to save the CMC session in Putty. 5) Click the Open button to open the CMC SSH PK Authentication session. SSH PK Authentication and Auto login configuration for Chassis Management Controller

6) The SSH PK Authentication session for CMC is opened successfully without prompting for username and password. 7) Check the Open session for CMC using the command, racadm getssninfo. 19 SSH PK Authentication and Auto login configuration for Chassis Management Controller

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback