- Notes, cautions, and warnings
- Overview
- Built in iDRAC and PowerEdge Security
- Securely Configuring iDRAC Web Server
- Securely Using TLS/SSL Certificate
- Federal Information Processing Standards (FIPS)
- Secure Shell (SSH)
- Network Security Configuration
- Interfaces and Protocols to Access iDRAC
- iDRAC Port Configuration
- IPMI and SNMP Security Best Practices
- Secure Enterprise Key Manager (SEKM) Security
- iDRAC9 Group Manager
- Virtual Console and Virtual Media Security
- VNC Security
- User Configuration and Access Control
- Configuring Local Users
- Disabling Access to Modify iDRAC Configuration Settings on Host System
- iDRAC User Roles and Privileges
- Superroot User
- Recommended Characters in Usernames and Passwords
- Password Strength Policy
- Secure Default Password
- Changing the Default Login Password using Web Interface
- Force Change of Password (FCP)
- Simple 2-Factor Authentication (Simple 2FA)
- RSA SecurID Two Factor Authentication (2FA) iDRAC9 Datacenter
- Active Directory
- LDAP
- Customizable Security Banner
- System Lockdown Mode
- Securely Configuring BIOS System Security
- Secure Boot Configuration
- Securely Erasing Data
- LCD Panel
- Server Inventory, Lifecycle Log, Server Profiles, and Licenses Import and Export
- Security Events Lifecycle Log
- Default Configuration Values
- Network Vulnerability Scanning
- Security Licensing
- Field Service Debug (FSD)
- Best Practices
- Appendix - White papers
Bienvenue
Bienvenue dans l’univers Dell
Mon compte
- Passer des commandes rapidement et facilement
- Afficher les commandes et suivre l’état de votre expédition
- Profitez de récompenses et de remises réservées aux membres
- Créez et accédez à une liste de vos produits
- Gérer vos sites, vos produits et vos contacts au niveau des produits Dell EMC à l’aide de la rubrique Gestion des informations de l’entreprise.
iDRAC9 Security Configuration Guide
Using Public Key Authentication for SSH
iDRAC supports Public Key Authentication (PKA) over SSH. This is a licensed feature. When the PKA over SSH is set up and used correctly, you must enter the username while logging into iDRAC. This is useful for setting up automated scripts that perform various functions. The uploaded keys must be in RFC 4716 or OpenSSH format. Else, you must convert the keys into that format. In any scenario, a pair of private and public keys must be generated on the management station. The public key is uploaded to iDRAC local user, and private key is used by the SSH client to establish the trust relationship between the management station and iDRAC. Public Key Authentication is recommended as a security feature because it cryptographically verifies authentication and eliminates the need for password credentials. To achieve the highest level of security, it is recommended to generate an RSA key with a 4096-bit key size which is the maximum that is supported on iDRAC.
You can generate the public or private key pair using:
- PuTTY Key Generator application for clients running Windows
- ssh-keygen CLI for clients running Linux.
The public key can be uploaded using iDRAC Web interface or RACADM command-line interface.
CAUTION:This privilege is reserved for users who are members of the
Administrator user group on iDRAC. However, users in the
Custom user group can be assigned this privilege. A user with this privilege can modify any user’s configuration. This includes creation or deletion of any user, SSH Key management for users, and so on. For these reasons, assign this privilege carefully.
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez attribuer une note (1 à 5 étoiles).
Veuillez indiquer si l’article a été utile ou non.
Les commentaires ne doivent pas contenir les caractères spéciaux : <>()\