Managing SSH keys by using the CLI

You can use the command-line interface (CLI) to work with Secure Shell (SSH) keys.

About this task

The system supports up to 32 interactive SSH sessions on the management IP address simultaneously.

Note: After an SSH interactive session times out, session gets automatically closed. Session timeout limit is set to 15 minutes, by default. The limit value can be changed by using the CLI command. See chsecurity.

Procedure

To work with SSH keys, complete these steps.

Issue the lsuser CLI command to list the SSH keys that are available on the system.
Create an SSH key on a host system and then copy the file to the system.
For example, use ssh-keygen on a Linux® server or use the PuTTY tool on a Windows server.
Issue the mkuser or chuser CLI command to install a new SSH key on the system.
When you run the command, the SSH key is copied into system state and activated for the user, and the input file is deleted. Each key is associated with an ID string that you define that can consist of up to 30 characters. Up to 100 keys can be stored on a system. You can add keys to provide administrator access (service access is superuser only).
Use the chuser command or the chcurrentuser command to remove an SSH key from the system.

Example

To create an SSH key on a Linux host, run the ssh command.

ssh-keygen -t rsa

Use secure copy to copy the file to the system.

scp /tmp/OU812.pub user_name@system_ip:/tmp

Run one of the following commands.

To create a user ID and assign the SSH key to the user, run the mkuser command.
```
mkuser -name jane -usergrp Service -keyfile /tmp/OU812.pub
```
To assign the SSH key to an existing user ID, run the chuser command.
```
chuser -keyfile /tmp/OU812.pub user_id_or_name
```