Ways to manage SSH for SecureAdmin

SecureAdmin uses options to enable secure sessions using SSH. The options enable you to control password-based authentication and public key authentication, control access to a storage system, and assign the port number to a storage system.

SecureAdmin uses the following options to enable secure sessions using SSH:

options ssh.passwd_auth.enable—Controls password-based authentication.
options ssh.pubkey_auth.enable—Controls public key authentication.
options ssh.access—Controls access to a storage system.
options ssh.port—Assigns the port number to a storage system.

Note: The default value for ssh.passwd_auth.enable and ssh.pubkey_auth.enable is on. The default value for ssh.access allows everyone to access the storage system. The default value for ssh.port is 22.

Note: SSH does not support force commands. It does not support internal role-based access control. Access control is governed by the Administrative Roles feature.

Setting up and starting SSH
The SSH setup process involves creating host and server keys.
Reinitializing SSH
Reinitializing SSH enables you to change the sizes of existing host and server keys.
Disabling or enabling SSH service
You disable or enable SSH to stop or start SSH service, respectively.
Public-key-based authentication
Setting up key-based authentication requires an RSA key pair (a private and public key) in addition to the host and server keys. Public-key-based authentication differs between the two versions of SSH; SSH 1.x uses an RSA key pair and SSH 2.0 uses a DSA key pair in addition to an RSA key pair. For both versions of SSH, you must generate the key pairs and copy the public key to the storage system.

Parent topic: SecureAdmin

Related concepts

How to manage administrator access