Configuring iLO 2 41
When logging in to iLO 2 with Telnet or SSH clients, the number of login name and password prompts
offered by iLO 2 matches the value of the Authentication Failure Logging parameter (or 3 when it is
disabled.) However, the number of prompts might also be affected by your Telnet and SSH client
configurations. Telnet and SSH logins also implement delays after login failure. During the delay, login is
disabled so no login failure occurs. As an example, to generate an SSH authentication failure log with a
default value (for instance, Enabled-Every 3rd Failure), three consecutive login failures occur as follows
(assuming the SSH client is configured with the number of password prompts >= 3):
1.
Run the SSH client and log in with an incorrect login name and password. You will receive three
password prompts. After the third incorrect password, the connection terminates, and the first login
failure is recorded. The SSH login failure counter is set to 1.
2.
Run the SSH client until receiving the login prompt. Log in with an incorrect login name and
password. You will receive three password prompts. After the third incorrect password, the
connection terminates, and the second login failure is recorded. The SSH login failure counter is set
to 2.
3.
Run the SSH client until receiving the login prompt. Log in with an incorrect login name and
password. You will receive three password prompts. After the third incorrect password, the
connection terminates and the third login failure is recorded. The SSH login failure counter is set to
3.
At this point, iLO 2 firmware records an SSH login failure log entry and sets the SSH login failure counter
to 0.
iLO 2 Remote Console and Remote Serial Console access
For iLO 2 Remote Console recommended client settings, server settings, optimizing mouse support, and
Remote Serial Console settings, see the section, "iLO 2 Remote Console (on page
83
)."
Security
iLO 2 enables you to customize iLO 2 security settings. To access iLO 2 security settings, select
Administration>Security.
iLO 2 security options include
•
SSH key administration (on page
45
)
•
SSL certificate administration (on page
45
)
•
Two-factor authentication (on page
46
)
•
Directory settings (on page
51
)
•
iLO 2 encryption
•
HP SIM single sign-on ("
HP SIM single sign-on (SSO)
" on page
56
)
•
Remote Console Computer Lock (on page
59
)
iLO 2 security options enables iLO 2 to provide the following security features:
•
User-defined TCP/IP ports
•
User actions logged in the iLO 2 Event Log
•
Progressive delays for failed login attempts
•
Support for X.509 CA signed certificates
•
Support for securing RBSU