Using SSH Keys
This topic explains how you can attach an SSH key to a credential using the SSH access method. It is assumed that administrators are already familiar with setting up and generating SSH keys.
BMC Discovery supports only RSA2 and DSA private keys for certificate-based authentication. For hosts that only support SSH v1, you must use credentials for authentication.
When using SSH keys, the appliance must identify itself to discovery targets so must use the private key. It is strongly recommended that you protect the private key with a strong passphrase. When they are uploaded, the key and the passphrase are stored in the credential vault.
If the attempted login is unsuccessful using the SSH key, the credential falls back and attempts to login using the configured username and password.
It is important to configure a user name and password even when an SSH key is to be used. When privileged command execution is required, that password is used in the command, for example
sudo password command.
After the key is stored in the credential vault, it is encrypted and cannot be recovered. You are strongly recommended to keep copies of private keys in secure storage according to your local security guidelines.