FireMon Asset Manager
Page tree

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 10 Next »

To securely "ssh" into Lumeta with a locally accessible private key, follow this process:

Before You Begin

Verify that tools such as putty, winscp, puttygen, or terminal are installed on your workstation.

USER Authentication via SSH

You will need to access a PKI-enabled Command Center via SSH to work in the CLI of a CAC-enabled Lumeta system.

Certificate files you will need for SSH Authorization

  1. Workstation Public Key
  2. Workstation Private Key

Obtain RSA Key Pair

  1. Using ssh-keygen
    You can generate the keypair using line command ssh-keygen or an application like puttyGen.    This section describes how to generate the Key-Pair using ssh-keygen.
    1. On the WorkStation you will use to access Lumeta run the below command to generate the rsa key pair.
      1. ssh-keygen

    2. Your files will be in the /home/admin/.ssh.
      -id_rsa: your private key.  DO NOT SHARE
      -      id_rsa.pub.  Your public key

  2. Using PuttyGen
    You can generate the keypair using line command ssh-keygen or an application like puttyGen.    This section describes how to generate the Key-Pair using PuttyGen.
    1. Open Putty Gen and select Generate KeyPair
    2. Save the private key in a secure location on you PC
    3. Copy the string for the public key (starts with ssh-rsa) and save it as a Rich Text file using WordPad.  When saving define the filename with .pub; for example user1-public-key.pub.  This is your public key file.  Note do not use Notepad as it will contain extra line breaks when converted to UNIX format.  

Convert RSA Key Pair Files in the Correct Format

No file conversion is needed for SSH access if using the ssh-keygen or puttyGen.  Other key-pair generation applications may require format conversion.

Installing the SSH RSA Public Key

   1.USING GUI

    1. Select Settings > Users click Manage PKI. 
    2. Select a user under User ID and select SSH Key under Certificate Type.  Verify the Install radial button is selected
    3. Drag and drop or browse to the user public file in “Upload an SSH Key” box and click Submit.


2. USING CLI

  1. Upload the ssh public key to the Lumeta system remembering the file name and Lumeta directory path it was saved.
  2. Run the following command on the CLI to install the public key
    certificate ssh install /pathto/file/”filename”  <user name>

Enable PKI

Enable PKI through GUI if not done already

  1. Select Settings > Lumeta Systems > System tab and click Manage PKI, then click on the slider for PKI Enabled.

Accessing Command Center via PuTTY

You can now access the Command Center from your workstation.  Below is an example how to do so via putty. 

  1. Open Putty and in configuration, go to Connection > SSH > Auth and select the private key under Private key file for authentication.  Add the host information and save the session.
  2. PuTTY will use the public-private key pair to authenticate.  It should not prompt you for a password unless a password has been set on the private key.






  • No labels