How to SSH using a public key instead of password

When accessing remote systems using SSH it can be handy to use RSA keys rather than having to enter a password every time. Especially handy if doing automation using Ansible or similar tools. Here’s how to do it:

Generate the key pair
One public and one private key will be created. The private key is kept securely on the client system. The public key is copied to the target server. The passphrase is optional. It helps secure they key if the private key is compromised. In this example we skip entering a passphrase.

Copy the key to the remote system
We now copy over the public key to the remote system. Note that we need to enter the password to get the key copied. This is what we’re trying to fix. Note that we copy the .pub public key to a new name: “authorized_keys” in the .ssh directory for your user on the remote system. For example “/home/jonas/.ssh/authorized_keys”.

Verify the solution
Repeat the SCP command but this time copy the public key to a random name to verify that SSH/SCP can be done without entering a password:

…and with Ansible
Below we finally compare pinging a host with RSA key auth enabled vs. server with password login only. Predictably one succeeds and one fails.

View, Create, Delete virtual RAID volumes with RACADM on an FC630 server (Dell 13G)

SSH to the iDRAC of the machine:

Enter RACADM:

Check for existing RAID volumes:

Check ID:s of the physical disks and the controller:

Create the RAID volume:
In this case RAID6 with read-ahead and write-back switched on

Schedule the job (Note: Also see altenative method below):

Execute the job by powercycling the server:

ALTERNATIVE: Schedule the job without reboot:

If the RAID controller supports realtime execution, the virtual disk can be created without the need to reboot. To do this, add “–realtime” after the job creation command as follows:

Verify RAID volume creation after job has completed:

View, Create, Delete virtual RAID volumes with RACADM on an R720 server (Dell 12G)

Background
Yesterday I needed to setup an R720 remotely and it needed a new RAID volume created. The issue was that rather than the normal Enterprise license the server had an iDRAC Express license (no remote console) so it wasn’t possible to use the normal UEFI / BIOS wizard to create the disks. Luckily a GUI isn’t required and the disks can be created quite happily with RACADM.

Local and remote
RACADM can be used locally on the server and remotely. In the examples below all commands are done from a remote workstation across the network. It is also possible to SSH to the iDRAC and execute the commands from there (or from the server OS itself it it’s already setup).

Check the presence of virtual disks by using:

In the below case the machine doesn’t have any virtual volumes yet:

If the machine had a virtual disk defined we’d see the below:

To delete an existing virtual disk:

Then schedule the job:

Reboot server to execute job:

Check the status of the job:

To view all jobs (results in a list of jobs and their status):

To create a virtual disk / volume
Help will show:

So we need the FQDD of the Controller and also the list of FQDD:s for our physical disks.

Checking our controller FQDD:

Checking our physical disks FQDD:

Example of creating the virtual disk with RAID0, write-through and no read-ahead (YES, IT’S ALL ONE LINE):

Example of creating the virtual disk with RAID0, write-back cache and read-ahead enabled (YES, IT’S ALL ONE LINE):

Schedule the job:

Restart to execute the job:

View the virtual disk once created:

Set NTP settings on a Dell server with iDRAC7

Set the DNS first to ensure the iDRAC can resolve the NTP host names:
racadm -r 10.1.1.100 -u root -p calvin set idrac.ipv4static.dns1 8.8.8.8

Set the NTP server names:
racadm -r 10.1.1.100 -u root -p calvin set idrac.NTPConfigGroup.ntp1 0.asia.pool.ntp.org
racadm -r 10.1.1.100 -u root -p calvin set idrac.NTPConfigGroup.ntp2 1.asia.pool.ntp.org
racadm -r 10.1.1.100 -u root -p calvin set idrac.NTPConfigGroup.ntp3 2.asia.pool.ntp.org

In case it won’t update the time when FQDN’s are used, IP addresses can also be used:
racadm -r 10.1.1.100 -u root -p calvin set idrac.NTPConfigGroup.ntp1 129.250.35.250
racadm -r 10.1.1.100 -u root -p calvin set idrac.NTPConfigGroup.ntp2 180.211.88.50
racadm -r 10.1.1.100 -u root -p calvin set idrac.NTPConfigGroup.ntp3 202.112.29.82

Enable NTP and set max hops:
racadm -r 10.1.1.100 -u root -p calvin set idrac.NTPConfigGroup.NTPEnable Enabled
racadm -r 10.1.1.100 -u root -p calvin set idrac.NTPConfigGroup.NTPMaxDist 16

Set the timezone:
racadm -r 10.1.1.100 -u root -p calvin set idrac.time.timezone Japan