SSH Configuration

Under Construction

Virtualization with PowerVM > LPAR tool Tutorial > Installation and Configuration

The LPAR tool uses SSH to communicate with the HMCs. In order for a user to use the LPAR tool, the user needs either an own account on the HMCs or at least access to an existing HMC account.

Recommendation: We recommend that each PowerVM administrator should have their own account on the HMCs.

When using SSH with the LPAR tool, usage of passwords or passphrases should be prevented if possible. An SSH key and the ssh-agent should be used. This makes working with the LPAR tool easier.

But the LPAR tool can also be used without SSH keys with a password. To avoid being constantly asked for the password, you should create the file ~/.lpar.cfg in the home directory and make the following entry:

$ cat ~/.lpar.cfg
ControlPersist 1h
$

Note: Instead of 1h (for 1 hour) you can also specify a shorter or longer period of time. ControlPersist is a parameter of OpenSSH.

The LPAR tool uses the Master/Slave Connections feature of OpenSSH. This keeps a connection open for a desired time (specified by ControlPersist). As long as this connection is open, you do not need to establish a new connection for further access and therefore do not need to enter a password or passphrase. The password or passphrase only needs to be entered the first time you access an HMC.

Regardless, we definitely recommend using an SSH key and the ssh-agent!

Check if you can log in to your HMCs using SSH. Specify the account name on the HMC if it does not match your local username. In our examples, we used the username user1.

Example without SSH key, with password:

$ ssh user1@hmc01
Password: XXXXXXXX
Last login: Thu Jan 27 18:41:46 2022 from 192.168.132.17
user1@hmc01:~> exit
exit
Connection to hmc01 closed.
$

Example with SSH key and passphrase (without ssh-agent):

$ ssh user1@hmc01
Enter passphrase for key '/home/user1/.ssh/id_rsa': XXXXXXXXXX
Last login: Thu Jan 27 18:49:45 2022 from 192.168.132.17
user1@hmc01:~> exit
exit
Connection to hmc01 closed.
$

Example with SSH key and passphrase, as well as ssh-agent:

$ ssh user1@hmc01
Last login: Thu Jan 27 18:50:11 2022 from 192.168.132.17
user1@hmc01:~> exit
exit
Connection to hmc01 closed.
$