Setting up the SSH connection

You must set up SSH connection between the system that is running the agent and the HMC for the agent to collect data.

About this task

The agent data provider collects data from the management console by running CLI commands over SSH. By default, the data provider waits up to 1 minute for a CLI command to finish running. After this time, the data provider closes the SSH session in which the CLI command is running, and none of the data for that command is available in agent data sets until the command runs successfully. The default path for the SSH command is /usr/bin/ssh. If you installed SSH in a different location, you must indicate the path by using the KPH_SSH_PATH environment variable.

Procedure

Use one of the following methods to set up SSH connection.

  • Use the setup_hmc_key.pl script to set up the SSH connection.
    1. Log on to the server where the agent is installed.
    2. Open the install_dir/aix526/ph/bin directory, where install_dir is the installation directory for the HMC Base agent.
    3. Run the perl setup_hmc_key.pl command.
    4. Respond to prompts and provide the HMC host name or IP address; the HMC user name, which must have authority equivalent to hscviewer authority; and the password to create the key pair.
    5. After you create the key pair, test the connectivity by running a command such as ssh hscroot@hmchost lshmc -V.
      If SSH is connecting to this HMC for the first time, add the HMC to the ssh known_hosts file by responding with yes to the following message: 
      The authenticity of host 'hmchost (3.3.333.333)' can't be established.
RSA key fingerprint is 4c:b4:26:27:38:f3:ec:58:01:92:26:f9:61:32:bb:4d.
Are you sure you want to continue connecting (yes/no)? yes

Warning: Permanently added 'hmchost,3.3.333.333' (RSA) to the list of known hosts.
      The agent can now use SSH to collect data from the HMC.
  • Use ssh-keygen utility to generate keys and set up the SSH connection.
    1. Log on to the server where the agent is installed.
    2. Use the ssh-keygen utility to generate public and private keys with no paraphrase.
      For example, the following command generates a set of public and private keys: 
      ssh-keygen -t rsa -f /.ssh/id-rsa
      Press Enter when prompted for a paraphrase. The public key that is generated is stored in the /.ssh/id-rsa.pub file. The private key is stored in the /.ssh/id-rsa file.
    3. Transfer the file that contains the public key to the HMC computer by using utilities such as scp.
    4. On the HMC computer, append the public key file to the collection of keys that are stored on the HMC.
      The stored keys are in the /.ssh/authorized_keys2 file.
    5. Add the host name and key for the HMC in the known_hosts file.
      This file is in the /.ssh directory.
      1. Run the ssh "user"@"hmc_hostname" -i "private_keyfile" date command.
      2. Enter yes when prompted to cache the keys. This command adds the entry to the known_hosts file for future connections.
    6. Run the ssh "user"@"hmc_hostname" date command.
      If the date is returned with no password prompt, the SSH keys were successfully set up.