beautypg.com

Remote administration settings overview, Remote administration settings sections, Remote administration settings – HP Secure Key Manager User Manual

Page 236: 236 remote administration settings sections

background image

Description

Component

Enter the length of duration. This duration cannot be longer than the Maximum Duration
for Time-Limited Credentials established in the Multiple Credentials for Key Administration
section.

Duration (in minutes)

Select the specific operations for which you are granting your credentials. You may
only grant credentials for those operations listed here.

Allowed Operations

Click Grant to execute the credential grant.

Grant

Remote Administration Settings overview

You can administer the SKM locally and remotely. Local administration involves logging into the SKM
from a machine that is physically connected to the device via a null modem cable. Remote
administration involves logging into the SKM from the Management Console or an SSH session. The
Remote Administration Settings, which are first specified during initial configuration, determine the IP
addresses and ports that are used to administer the SKM.

The Web Admin User Authentication feature provides an additional security safeguard against
unauthorized configuration of the SKM. When this feature is enabled, administrators are asked for
a Client Certificate when they attempt to log in to the SKM. After presenting a client certificate,
administrators can only log in to the SKM with a username that matches the common name field on
the client certificate. For example, if the common name of the client certificate is admin, then the
administrator can only log in as admin.

From the Remote Administrations Settings page, you can also recreate the Web Administration
Certificate and the SSH Key used by the SKM. The Remote Admin Certificate is a self–signed certificate
created during initial configuration that can be used to verify that the hostname in the certificate
matches the hostname of the machine being logged into. Because the certificate is only presented to
people logging into the Management Console, there is no reason to have the certificate signed by a
Certificate Authority.

The SSH Key is used to generate a session key that is used for encryption and decryption operations
while you are logged into the SKM.

Remote Administration Settings sections

The Administrator Configuration page enables to configure remote administration. This page contains
the following remote administration-related section:

Remote Administration Settings

Remote Administration Settings

The Remote Administration Settings section is shown here.

Using the Management Console

236