Dell EMC Unity: Storage administrator cannot log in to Unity management interface using SSH with public key file (Dell EMC Correctable)

Summary: Storage administrator cannot log in to Unity management interface using SSH with public key file.

This article applies to This article does not apply to This article is not tied to any specific product. Not all product versions are identified in this article.
Check out other resources

Symptoms

  1. The Unity system was upgraded from OE 4.5 to 5.0.
  2. Due to security policy, only HMAC SHA2 is allowed on Linux client side.
Storage administrator configured a password-less SSH login (SSH public key file login) from their Linux client (RHEL7) to Unity management interface, which worked fine before. After upgrade of Unity from OE 4.5 to 5.0, it does not work.

Cause

  1. The extra ACL that was added in 5.0 to /cores/service as part of the change of user that ECOM service is running under, is the cause of this issue. In 4.5, ECOM was running as root, and in 5.0, it was changed to a new user ECOM. ACLs were added for user ECOM to /cores/service. This extra ACL causes SSH to fail passwordless login.
  2. The issue caused because Unity does not enable hmac-sha2 by default. Unity would restrict SSH to SHA2 HMACs only in next release (5.1).

Resolution

Contact Dell EMC Technical Support or your Authorized Service Representative, and quote this Knowledgebase article ID.

Affected Products

Dell EMC Unity Family

Products

Dell EMC Unity Family |Dell EMC Unity All Flash, Dell EMC Unity Family
Article Properties
Article Number: 000055630
Article Type: Solution
Last Modified: 02 Dec 2021
Version:  4
Find answers to your questions from other Dell users
Support Services
Check if your device is covered by Support Services.