Supported SSH2 authentication
PATROL KM for Log Management supports the following user authentication mechanisms:
- Password-based: In this mechanism, while configuring a remote host for log monitoring, you must provide a valid user name and password to access the remote host. PATROL KM for Log Management stores these credentials in a secure key store. The SSH2 client provides the credentials to the remote host. After validation, a remote session starts and data collection for the host begins. To use the password-based mechanism, the remote host must be configured for it: add the following entry to the SSH2 server configuration (sshd_config) file, if not already present:
PasswordAuthentication yes
- Key-based: In this mechanism, while configuring a remote host for log monitoring, you must provide the public and private key file paths, and the passphrase (if applicable). The key file paths must be absolute paths. For example, /home/user/id_rsa.pub.
The PATROL user must have the read permission on the key files. PATROL KM for Log Management stores the key file paths in a secure key store. The KM stores the file name information and not the public or private key. Therefore, BMC recommends that you set a passphrase for the private key. To configure the remote host for key-based authentication, add the following entry to the SSH2 server configuration (sshd_config) file on the remote host, if not already present:
PubkeyAuthentication yes
The remote host must possess the public key that corresponds to the private key. Add the public key to the /home/user/.ssh/authorized_keys2 file on the remote host.
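A pre-flight check for the settings above, as an added example that is not part of the product documentation. It assumes the remote SSH2 server is OpenSSH, where the first value read for a keyword takes effect, so an entry appended after an earlier conflicting one changes nothing; the function names and the sample configuration are constructed for illustration.

```shell
# Added example; function names and the sample config are constructed.
# Assumes OpenSSH sshd: first value read for a keyword wins, and
# keywords are case-insensitive.

# Print the effective global value of a keyword, or "unset".
sshd_effective() {  # usage: sshd_effective <keyword> <config-file>
    awk -v want="$1" '
        BEGIN { want = tolower(want) }
        /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
        {
            line = $0; sub(/^[ \t]+/, "", line)
            split(line, f, /[ \t=]+/)      # "Key value" or "Key=value"
            key = tolower(f[1])
            if (key == "match") exit       # Match blocks are conditional
            if (key == want) { print tolower(f[2]); found = 1; exit }
        }
        END { if (!found) print "unset" }
    ' "$2"
}

# Check a key file path as the PATROL user: absolute and readable.
check_key_path() {  # usage: check_key_path <path>
    case "$1" in
        /*) ;;
        *) echo "not-absolute"; return 1 ;;
    esac
    [ -r "$1" ] || { echo "not-readable"; return 1; }
    echo "ok"
}

# Constructed sample: the trailing "yes" does not override the earlier "no".
sample_config() {
    cat <<'EOF'
# constructed sample sshd_config
passwordauthentication no
#PubkeyAuthentication no
PubkeyAuthentication=yes
PasswordAuthentication yes
Match User backup
    PubkeyAuthentication no
EOF
}

cfg=$(mktemp)
sample_config > "$cfg"
for kw in PasswordAuthentication PubkeyAuthentication; do
    echo "$kw: $(sshd_effective "$kw" "$cfg")"
done
rm -f "$cfg"
```

On a host that runs OpenSSH, `sshd -T` prints the configuration the daemon actually resolves and is the authoritative check; the function above is for reviewing a copy of the file offline.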