Supported SSH2 authentication

PATROL KM for UNIX supports following types of user authentication mechanisms:

• Password-based: In this mechanism, while configuring a remote host for monitoring, you need to provide user name and password to access the remote host. PATROL KM for UNIX stores these credentials in a secure key store. The SSH2 client provides the credentials to the remote host. After validation, a remote session is started to start collecting the data for the host. To use the password-based mechanism, the remote host must be configured for this mechanism. To configure the remote host for this mechanism, add the following entry to the SSH2 server configuration (sshd_config) file, if not already present:
  PasswordAuthentication yes
• Key-based: In this mechanism, while configuring a remote host for monitoring, you need to provide the public and private key file paths, and the passphrase (if applicable). The key file paths must be absolute paths. For example, /home/user/id_rsa.pub. The PATROL user must have the read permission on the key files. PATROL KM for UNIX stores the key file paths in a secure key store. The KM stores the file name information and not the public or private key. Therefore, BMC recommends to have a passphrase for the private key. In order to use key-based authentication, the remote host must be configured to use this mechanism. To configure the remote host for this authentication, add the following entry to the SSH2 server configuration (sshd_config) file on remote host, if not already present:
  PubkeyAuthentication yes
   The remote host must posses the public key corresponding to private key. Add the public key to /home/user/.ssh/authorized_keys2 file on the remote host.