Tripp Lite 0 Idades Manual
Here you can view all the pages of manual Tripp Lite 0 Idades Manual. The Tripp Lite manuals for Switch are available online for free. You can easily download all the documents as PDF.
Page 231
231 Chapter 15: Advanced Configuration 15.6.2 Generating Public Keys (Linux) To generate new SSH key pairs use the Linux ssh-keygen command. This will produce an RSA or DSA public/private key pair and you will be prompted for a path to store the two key files e.g. id_dsa.pub (the public key) and id_dsa (the private key). For example: $ ssh-keygen -t [rsa|dsa] Generating public/private [rsa|dsa] key pair. Enter file in which to save the key (/home/user/.ssh/id_[rsa|dsa]): Enter passphrase (empty for...
Page 232
232 Chapter 15: Advanced Configuration 15.6.4 Installing SSH Public Key Authentication (Linux) Alternately the public key can be installed on the unit remotely from th\ e linux host with the scp utility as follows. Assuming the user on the Management Console is called "fred"; the IP add\ ress of the Console Server is 192.168.0.1 (default); and the public key is on the linux/unix computer in ~/.ssh/id_dsa.pub. Execute the following command on the linux/ unix computer: scp ~/.ssh/id_dsa.pub \...
Page 233
233 Chapter 15: Advanced Configuration If the Console Server device selected to be the server will only have on\ e client device, then the authorized_keys file is simply a copy of the public key for that device. If one or more devices will be\ clients of the server, then the authorized_keys file will contain a copy of all of the public keys. RSA and DSA keys may be freely\ mixed in the authorized_keys file. For example, assume we already have one server, called bridge_server, and two sets of keys,...
Page 234
234 Chapter 15: Advanced Configuration • Click on the Generate button • Follow the instruction to move the mouse over the blank area of the progr\ am in order to create random data used by PUTTYGEN to generate secure keys. Key generation will occur once PUTTYGEN has collected sufficient random data • Create a new file " authorized_keys " (with notepad) and copy your p\ ublic key data from the "Public key for pasting into OpenSSH authorized_keys file" section of the PuTTY Key Generator,...
Page 235
235 Chapter 15: Advanced Configuration This fingerprint is related to the host key of the remote server. Fingerprints are stored in ~/.ssh/known_hosts. To receive the fingerprint from the remote server, log in to the client as the required user (usually root) and establi\ sh a connection to the remote host: # ssh remhost The authenticity of host 'remhost (192.168.0.1)' can't be established.\ RSA key fingerprint is 8d:11:e0:7e:8a:6f:ad:f1:94:0f:93:fc:7c:e6:ef:56. Are you sure you want to...
Page 236
236 Chapter 15: Advanced Configuration • Select SSH Tunnel when configuring the Serial Bridging Setting Next you will need to set up SSH keys for each end of the tunnel and upload these keys to the Server a\ nd Client console servers. Client Keys: The first step in setting up ssh tunnels is to generate keys. Ideally, you will use a separate, secure, machine to generate and store all keys to be used on the Console Servers. However, if this is not ideal to your situation, keys may be generated on the...
Page 237
237 Chapter 15: Advanced Configuration It is advisable to create a new directory to store your generated keys. \ It is also possible to name the files after the device they will be used for. For example: $ mkdir keys $ ssh-keygen -t rsa Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): /home/user/keys/control_room Enter passphrase (empty for no passphrase): Enter same passphrase again: Your identification has been saved in...
Page 238
238 Chapter 15: Advanced Configuration 15.7 Secure Sockets L ayer (SSL) Support Secure Sockets Layer (SSL) is a protocol developed by Netscape for transmitting private docume\ nts via the Internet. SSL works by using a private key to encrypt data that's transferred over the\ SSL connection. The Console Server includes OpenSSL. The OpenSSL Project is a collaborative effort to develop a robust, commercial-gra\ de, full-featured, and Open Source toolkit implementing the Secure Sockets L\ ayer (SSL...
Page 239
239 Chapter 15: Advanced Configuration 15.8.3 Installing the key and certificate The recommended method for copying files securely to the Console Serve\ r unit is with an SCP (Secure Copying Protocol) client. The scp utility is distributed with OpenSSH for most Unix distributions while Windows users can use something like the PSCP command line utility available with PuTTY. The files created in the steps above can be installed remotely with th\ e scp utility as follows: scp ssl_key.pem...
Page 240
240 Chapter 15: Advanced Configuration 15.9 Power Strip Control The Console Server supports a growing list of remote power-control devices (RPCs) which can be configured using the Management Console as described in Chapter 8. These RPCs are controlled \ using the open source NUT and PowerMan tools and the pmpower utility. 15.9.1 PowerMan PowerMan provides power management in a data center or compute cluster en\ vironment. It performs operations such as power on, power off, and power cycle via remote...