Creating SSH keys in the IBM Spectrum Virtualize 3-Site Orchestrator for HyperSwap configurations

Edit online

After you have created partnerships between the systems for a HyperSwap® configuration with IBM Spectrum Virtualize 3-Site Orchestrator, you need to log into your 3-Site Orchestrator host and create SSH keys. SSH keys are required for authenticating the systems to the 3-Site Orchestrator.

To create SSH keys for each system, log in to the 3-Site Orchestrator host to complete the following steps.

Enter the following command to generate the SSH key.
```
ssh-keygen
```
Ensure that you do not enter a passphrase or password while you create the key file. This command creates the following keys in the /root/.ssh/ directory on the 3-Site Orchestrator host.

id_rsa

The 3-Site Orchestrator private key file.

id_rsa.pub

The public key file that must be copied to all the systems in the 3-site configuration and assigned to the user with 3-Site Orchestrator administrator role.
Note: If you are using Red Hat® Enterprise Linux® (RHEL) version 8.0 or later, you must complete the following steps.
1. Enter the command update-crypto-policies and set the LEGACY value.
2. Enter PubkeyAcceptedKeyTypes=+ssh-dss on the end of /etc/ssh/sshd_config.
3. Restart sshd systemctl and sshd.
To ensure that the management GUI can access 3-Site Orchestrator objects, add the public SSH key to the authorized keys by entering the following command on the 3-Site Orchestrator host.
```
ssh-copy-id -i ~/.ssh/<id_rsa.pub> root@<ORCH-HOST> 
```