How to generate and upload SSH keys to NetApp 7-Mode

NetApp with its Data ONTAP in compare to other storage vendors solutions offers very managable CLI and in combain with UNIX it makes powerful solution, where administrator is able to extend ONTAP interface using utilities like grep or bash scripts. But before you start doing any significant improvements, first you need connect your management server with NetApp filer. Please let me introduce steps to achieve it.

1. First go to your management server and generate SSH keys. In this example we generate SSH RSA Key using command:
ssh-keygen -t rsa -b 1024

where:

-t specify type of key
-b stands for number of bits in the generated key

2. Accept all defaults. Generated keys (both private and public) should be located in your home directory and /.ssh, where id_rsa is your private key and id_rsa.pub is your public key.

3. Display and copy your generated public key.
cat ~/.ssh/id_rsa.pub

Example output:

ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQDE/+zqb68jCVgH6//dXouTE0OYp901Cvpu3V/Jr96quR+gvtPna/buZDpzbDCAfgNtU5y9xG1VTvs1b1HLSG3r+3S+YN6gOp4f9UsJOIV0qHRJOOJyuGcpG+PjOOVUhi2yZtkXfIq57LgP9Uz/tSMY9SnAtSTuxMzvY1Z+Teuf+w== root@linux1

4. Now it’s the time to upload ssh keys to desired filers.
You have to create missing directory in /etc/sshd/ to have something like this:
/mnt/filer/etc/sshd/local_account/.ssh/

or just do this fromĀ filer level:
filer> wrfile /etc/sshd/local_account/.ssh/authorized_keys2

or your management server where mount exist, for example:
cat ~/.ssh/id_dsa.pub >> /mnt/filer/etc/sshd/local_account/.ssh/authorized_keys2

Comments:
– local_account – put your local account name on filer,
– authorized_keys2 is for SSH2,
– remember to preserve empty line at the end of file and then CTRL+C,
– if you wish add later another SSH key to the same filer then just use command wrfile -a.
– if you map root CIFS share ETC$, use mkdir from CLI at Windows to create .ssh directory
V:\sshd\local_account>mkdir .ssh

Leave a Reply

Your email address will not be published. Required fields are marked *