Sun Storage 7000 Unified Storage System: How to configure the ssh-agent

Asset ID:	1-71-1313494.1
Update Date:	2011-05-12
Keywords:

Solution Type Technical Instruction Sure

Solution 1313494.1 : Sun Storage 7000 Unified Storage System: How to configure the ssh-agent

Applies to:

Sun Storage 7410 Unified Storage System - Version: Not Applicable and later   [Release: N/A and later ]
Sun Storage 7110 Unified Storage System - Version: Not Applicable to Not Applicable   [Release: N/A to N/A]
Sun ZFS Storage 7120 - Version: Not Applicable to Not Applicable   [Release: N/A to N/A]
Sun Storage 7210 Unified Storage System - Version: Not Applicable and later    [Release: N/A and later]
Sun Storage 7310 Unified Storage System - Version: Not Applicable and later    [Release: N/A and later]
Information in this document applies to any platform.

Goal

To provide complete steps to configure the ssh-agent with Sun Storage 7000 Unified Storage System. Using the ssh-agent, you are able to login to an appliance using ssh without entering a password. It is useful for implementing batch processing.

Solution

1. On a ssh client, generate a DSA authentication key for the ssh using the ssh-keygen command

[testuser@nana ~]$ ssh-keygen -t dsa

Generating public/private dsa key pair.
Enter file in which to save the key (/home/testuser/.ssh/id_dsa): <--- Enter return
Enter passphrase (empty for no passphrase):  <--- Enter the password
Enter same passphrase again:  <--- Enter the password
Your identification has been saved in /home/testuser/.ssh/id_dsa.
Your public key has been saved in /home/testuser/.ssh/id_dsa.pub.
The key fingerprint is:
4b:47:6f:53:ae:f2:da:13:d2:d3:4b:96:10:0c:aa:70 testuser@nana

The key's randomart image is:

+--[ DSA 1024]----+
|          .o     |
|         .  o    |
|    . E . .  ..  |
|     o . . ..o   |
|      . S ..+o.. |
|       . o..+o=  |
|        . ...= . |
|           +. .  |
|          ..o.   |
+-----------------+

[testuser@nana ~]$

2. Check if the RSA public key is genereted by the step1 using the cat command.

[testuser@nana ~]$ cat ~/.ssh/id_dsa.pub

ssh-dss AAAAB3NzaC1kc3MAAACBAPnRBXlbNTwcCumKNnNt7jixn9SZdrohduWfaOWTgUWcRlgCHWHJ/
Yfn4ZEK8JIqf4UTmnqydZ675FYGXBJz/rLctbfwP2Ti6UaMaIWXzsekIRafIJxHQTLBXlbTKVMsn63XS2
DnMpzGFJsQVGZaXxrdleVW9fJRGtTr22EuA4/dAAAAFQDPAS9bFmMcyoKLwYLdB3nmrvGN3wAAAIEAwdZ
2Vmgyu8T4oS5nCBpVOsYGtmXKMzwDz3kIrqm1uWRw05fKE1TJqTHyH6Z5VsEsWP/QUcnAA0lLo6mPS0y1
dmcbQlyVGCZK1NN9tELHy6mt7y0ZGFFNrfeVFQgkJqFVNrQWtPjVvYzHLCSv/XQXsyIRjWIXU7LiqGCxX
vJfeQsAAACAHxiZnaintGIMgfRK/9TvAijaohHJ8e8pVXqT+e7ixJuFnIQtCahCSHiHgYZrCtJBGYJOq0
Y1YS1xlubKCP8ucmxW8LA6gMpuODqCWBrH4oDRq59GJuLfQ5OkXkN8PQ/7kBnykHBkMetnC/hltzr3PRp
UQnTkXSsdrMN3AsQgdow= testuser@nana

[testuser@nana ~]$

3. Register the above DSA public key on the Sun Storage 7000 Unified Storage System. It can be done by either the BUI (browser user interface) or CLI (command line interface).

Note: ss7000 shown in the example is the hostname of Sun Storage 7000
      unified Storage System.

   For BUI:

   A. Access the Sun Storage 7000 Unified Storage System at https://ss7000:215/ using the browser.

   B. Navigate Configuration -> PREFERENCES
   C. Click on + button located left of SSH
   D. Choose the DSA from the type
   E. Put the above public on the SSH public key field
   SSH Public Key: AAAAB3NzaC1kc3MAAACBAPnRBXlbNTwcCumKNnNt7jixn9SZdrohduWfaOWTgUWcRlgCHWHJ/Yfn4ZEK8JIqf4UTmnqydZ675FYGXBJz/rLctbfwP2Ti6UaMaIWXzsekIRafIJxHQTLBXlbTKVMsn63XS2DnMpzGFJsQVGZaXxrdleVW9fJRGtTr22EuA4/dAAAAFQDPAS9bFmMcyoKLwYLdB3nmrvGN3wAAAIEAwdZ2Vmgyu8T4oS5nCBpVOsYGtmXKMzwDz3kIrqm1uWRw05fKE1TJqTHyH6Z5VsEsWP/QUcnAA0lLo6mPS0y1dmcbQlyVGCZK1NN9tELHy6mt7y0ZGFFNrfeVFQgkJqFVNrQWtPjVvYzHLCSv/XQXsyIRjWIXU7LiqGCxXvJfeQsAAACAHxiZnaintGIMgfRK/9TvAijaohHJ8e8pVXqT+e7ixJuFnIQtCahCSHiHgYZrCtJBGYJOq0Y1YS1xlubKCP8ucmxW8LA6gMpuODqCWBrH4oDRq59GJuLfQ5OkXkN8PQ/7kBnykHBkMetnC/hltzr3PRpUQnTkXSsdrMN3AsQgdow=
   E. Click on the APPLY button.

   For CLI:

A. Login to Sun Storage 7000 Unified Storage System using the ssh.

# ssh root@ss7000

B. Run the following commands on the aksh.

ss7000:> configuration preferences keys create

ss7000:configuration preferences key (uncommitted)> set type=DSA

ss7000:configuration preferences key (uncommitted)> set key="AAAAB3NzaC1kc3MAAACBALrbP+Mh3dmLYGYDd8l+DgZx4ITCzKwal8J697uNVs6Gf0pa
VSsFfu/CGtnIlDSR70xIQWrzp2/h18N/VIU8ccDIF+BqxOIyhDxd27NoedWJ0hbavmWp72NAQihdrsQfRVq2WhIbShGE2gKva5fE08NLc3Hz3U0U1ibeIr8VVAAAAFQC/wzBlX0JKhq2gBKtYc/rmCQHBzQAAAIADVzhb38N8pmZxJ0T7XmkvLevvcgUbR+XWarbmRhjWcSok8jPaprnWt7ngd/shXwvdkn2OdVu88RBiaGdEJuv4czj/6ZW91xUGNoRqGYykqdFrzebOTvupFEj5zlITV62y9QJllx5SaIG5BefBHUcmC5/RWmI2J9Za9ram/jUiXQAAAIBogdXVbWp3NLv3nta7e5ckJVjZ4rFQQhwlBC8y4/Q4sFP1qSvgTjJxFFdHAiPXjKlCpV9AoEGhJDmmJJSH5JDdkETzoeIrkd4iUf21wIvBUTVCzuQDVDG5L818fHDeTzQZGNgZKrtKQ4AoyiuhQTe1ygllD8k9HQiGro/W6ztpOw=="

ss7000:configuration preferences key (uncommitted)> set comment=mykey

ss7000:configuration preferences key (uncommitted)> commit

ss7000:configuration preferences keys> show

4. Once you have done from the step1 to 3, you are able to use the ssh without entering a password using the following steps.

[testuser@nana ~]$ ssh-agent bash

[testuser@nana ~]$ ssh-add ~/.ssh/id_dsa
Identity added: /home/testuser/.ssh/id_dsa (/home/testuser/.ssh/id_dsa) <--- Enter the password

[testuser@nana ~]$ ssh root@ss7000
Last login: Thu Apr 14 15:30:11 2011 from 192.168.0.10
ss7000:>

Attachments

This solution has no attachment