HPE Community
HPE 9000 and HPE e3000 Servers
1752604 Members
4365 Online
108788 Solutions
New Discussion юеВ

Re: Enable SSh to the MP port of rp7410

 
Ranoop Nambiar
Advisor

тАО07-31-2009 06:45 AM

тАО07-31-2009 06:45 AM

Enable SSh to the MP port of rp7410


Hello Everyone,

I need to enable SSH to the MP port of rp7410, I have gone through the menus, couldnt see any thing which can help me to enable SSH ( rp 7420 it was through MP -- > CO-яГа SAтАФEnable SSH). I would like to seek your advice on thisтАж

Thanks,
Ranoop
0 Kudos
6 REPLIES 6
Matti_Kurkela
Honored Contributor

тАО08-01-2009 03:05 AM

тАО08-01-2009 03:05 AM

Re: Enable SSh to the MP port of rp7410

What makes you assume that the MP of a rp7410 can use SSH?

I searched through the firmware release notes for rp7410 and found no reference to SSH at all.

If the SA command does not allow enabling SSH, then the MP does not support SSH. The reason might be that the MP of a rp7410 is not powerful enough to support the SSH protocol.

The newer models (like a rp7420) may have an upgraded version of the MP hardware, which _can_ support SSH.

MK
MK
0 Kudos
Bill Hassell
Honored Contributor

тАО08-02-2009 04:00 PM

тАО08-02-2009 04:00 PM

Re: Enable SSh to the MP port of rp7410

ssh for GSP and MP ports is a very new feature and not back-ported to older servers. Similarly, the web server feature found in newer MP's will fail security audits and cannot be fixed. That's why I always connect GPS/MP ports plus all SAN switches, routers, ILO and DRAC ports (and anything without a full OS) to an isolated diagnostic subnet. These are critical connections to the hardware but have lousy security so you protect them by getting onto an isloated network. You can then put a support server that bridges the diag network. It does not route any traffic. Instead, it is a Windows box that is setup with Remote Desktop. You run RDS to get to the management system, then run IE/Firefox or telnet/ssh to connect to these ports.


Bill Hassell, sysadmin
0 Kudos
Ranoop Nambiar
Advisor

тАО08-03-2009 02:42 AM

тАО08-03-2009 02:42 AM

Re: Enable SSh to the MP port of rp7410

Yes, it├в s in a different subnet, and as a security concern we are planning to disable telnet all cross that n/w, thus its indeed to enable ssh as an alternative. We have brought MP adv. license and upgraded it in all the other boxes. The one which is left is rp7410( Web console exists here). Any more suggestions would be highly appreciated

Thanks all,
Ranoop
0 Kudos
Tim Nelson
Honored Contributor

тАО08-03-2009 11:25 AM

тАО08-03-2009 11:25 AM

Re: Enable SSh to the MP port of rp7410

If your sa command does not display something like the below including the SSH option then you may wish to investigate a MP firmware update.. Research to see if a newer update includes SSH. If not you are out of luck.

MP:CM> sa

This command displays and allows modification of access parameters.

T - Telnet access : Enabled.
H - SSH access : Enabled.
M - Modem access : Disabled.
W - Web Console : Enabled (SSL NOT active).
N - Network Diagnostics : Disabled.
I - IPMI Lan access : Disabled.
S - SNMP : Disabled.

Select access mode to change (q to quit) :
0 Kudos
Bill Hassell
Honored Contributor

тАО08-03-2009 03:12 PM

тАО08-03-2009 03:12 PM

Re: Enable SSh to the MP port of rp7410

> rp7410( Web console exists here)

Are you referring to an external Secure Web Console adapter that plugs into the console serial port and has a LAN connector? This good-idea box had a pitiful history, terrible security and was ignored out of support a long time ago. If you are using that box, there are no updates to add ssh as far as I can tell:

http://h20000.www2.hp.com/bizsupport/TechSupport/SoftwareDescription.jsp?swItem=ux-52880-1тМй=en&cc=us&idx=1&mode=4&

I would use the 7410's LAN console port and dump the SWC adapter. Here is the latest rp7410 firmware:

ftp://ftp.itrc.hp.com/firmware_patches/hp/cpu/PF_CKEYMAT0605.txt

ftp://ftp.itrc.hp.com/firmware_patches/hp/cpu/PF_CKEYMAT0605.tar.gz

I don't see ssh, just ssl for the web page.


Bill Hassell, sysadmin
0 Kudos
Ranoop Nambiar
Advisor

тАО08-10-2009 02:01 AM

тАО08-10-2009 02:01 AM

Re: Enable SSh to the MP port of rp7410

I checked for the latest firmware upgrade which supports SSH, no go!!!.. I could nt find any of the verison which supports SSH to MP in rp7410.... Does anybody knows about any firmware, which can do this for me... ???

Thanks for all the efforts...
Not in a position to assign more points.. :(

-Ranoop
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.