92 Sun Fire V20z and Sun Fire V40z Servers, Server Management Guide • May, 2004
If the login is authorized through a mapping of a directory-service group, the ssh
command is executed as the proxy user on the SP, either rmonitor, radmin or rmanager.
Support is available for SSH protocol version 2 key types (RSA or DSA) only.
If DNS is enabled on the SP, the client machine must be specified with its DNS name,
(and not the IP address).
Generating Host Keys
The host’s ssh install should generate the host keys. If it does not, follow these steps
to manually generate the key pair:
1. Enter the following command:
ssh-keygen -q -t rsa -f rsa_key -C '' -N ''
2. Copy rsa_key to /etc/ssh/ssh_host_rsa_key.
3. Ensure that only root has read or write permission to this file. The rsa_key.pub
file is the file you will transfer to the SP.
Note – Only protocol version 2 key types and 1024 bit key sizes (the default
generated by ssh-keygen) are supported.
4. Copy the host’s public key (the rsa_key.pub file) to the SP using scp (secure
copy) or by copying the host key to an external file system that has been mounted
on the SP.
Note – Use scp to copy the files to either /tmp or to your home directory. The sp
commands will then install the file specified on the command line to /pstore.
Note – If DNS is enabled on the SP, you must specify the client that is used in the
trust commands with its DNS name (and not the IP address).