Configuring a client to connect through the iLO Service Port........................................ 235
iLO Service Port supported devices...............................................................................236
Sample text file for Active Health System Log download through iLO Service Port...... 236
Authorizing a new SSH key by using the web interface.................................................238
Authorizing a new SSH key by using the CLI.................................................................238
Deleting SSH keys......................................................................................................... 239
Requirements for authorizing SSH keys from an HPE SIM server ............................... 239
SSH keys........................................................................................................................240
Supported SSH key format examples............................................................................ 240
Configuring CAC Smartcard Authentication settings..................................................... 242
Managing trusted certificates for CAC Smartcard Authentication.................................. 243
Certificate mapping........................................................................................................ 245
Prerequisites for configuring authentication and directory server settings.....................249
Configuring Kerberos authentication settings in iLO...................................................... 249
Configuring schema-free directory settings in iLO......................................................... 250
Configuring HPE Extended Schema directory settings in iLO....................................... 252
Directory user contexts...................................................................................................253
Directory Server CA Certificate...................................................................................... 254
Local user accounts with Kerberos authentication and directory integration................. 254
Running directory tests.................................................................................................. 254
Enabling the Production or HighSecurity security state................................................. 257
Enabling the FIPS and SuiteB security states................................................................258
Connecting to iLO when using higher security states.................................................... 259
Configuring a FIPS-validated environment with iLO...................................................... 260
Disabling FIPS mode..................................................................................................... 260
Disabling SuiteB mode...................................................................................................261
iLO security states..........................................................................................................261
SSH cipher, key exchange, and MAC support............................................................... 263
SSL cipher and MAC support.........................................................................................263
Configuring iLO for HPE SSO........................................................................................ 265
Single Sign-On Trust Mode options............................................................................... 266
SSO user privileges........................................................................................................266
Adding trusted certificates..............................................................................................266
Extracting the HPE SIM SSO certificate........................................................................ 267
Importing a direct DNS name.........................................................................................267
Viewing trusted certificates and records.........................................................................268
Removing trusted certificates and records.....................................................................268
Configuring iLO management settings.............................................271
Agentless Management and AMS............................................................................................ 271
Agentless Management Service............................................................................................... 272
Installing AMS................................................................................................................ 272
Verifying AMS installation...............................................................................................273
Restarting AMS.............................................................................................................. 274
System Management Assistant......................................................................................275
10
Contents