Logging in to ilo by using an ssh client, Configuring ilo security – HP Integrated Lights-Out 4 User Manual
Page 60
Table 5 Access options (continued)
Description
Default value
Option
•
Enabled-Every 3rd Failure—A failed login log entry is
recorded after every third failed login attempt.
•
Enabled-Every 5th Failure—A failed login log entry is
recorded after every fifth failed login attempt.
•
Disabled—No failed login log entry is recorded.
For information about using this setting with SSH clients, see
“Logging in to iLO by using an SSH client” (page 60)
4.
Click Apply to end your browser connection and restart iLO.
It might take several minutes before you can re-establish a connection.
Logging in to iLO by using an SSH client
When a user logs in to iLO by using an SSH client, the number of login name and password
prompts displayed by iLO matches the value of the Authentication Failure Logging option (3 if it is
disabled). The number of prompts might also be affected by your SSH client configuration. SSH
clients also implement delays after login failure.
For example, to generate an SSH authentication failure log with the default value (Enabled-Every
3rd Failure), assuming that the SSH client is configured with the number of password prompts set
to 3, three consecutive login failures occur as follows:
1.
Run the SSH client and log in with an incorrect login name and password.
You receive three password prompts. After the third incorrect password, the connection ends
and the first login failure is recorded. The SSH login failure counter is set to 1.
2.
Run the SSH client and log in with an incorrect login name and password.
You receive three password prompts. After the third incorrect password, the connection ends
and the second login failure is recorded. The SSH login failure counter is set to 2.
3.
Run the SSH client and log in with an incorrect login name and password.
You receive three password prompts. After the third incorrect password, the connection ends
and the third login failure is recorded. The SSH login failure counter is set to 3.
The iLO firmware records an SSH failed login log entry, and sets the SSH login failure counter to
0.
Configuring iLO security
iLO provides the following security features:
•
User-defined TCP/IP ports. For more information, see
“Configuring iLO access settings”
•
User actions logged in the iLO Event Log. For more information, see
.
•
Progressive delays for failed login attempts. For more information, see
•
Support for X.509 CA signed certificates. For more information, see
.
•
Support for securing iLO RBSU and the iLO 4 Configuration Utility. For more information, see
“iLO RBSU and iLO 4 Configuration Utility security” (page 61)
60
Configuring iLO