chnaskey

The chnaskey command provides an interface to set or reset the Secure Shell (SSH) private and public key credential pair used by communications between the IBM Storwize^® V7000 for Lenovo file modi and the control enclosure over the site 1 Gbps Ethernet LAN. This is required during the USB initialization of the system.

Syntax

chnaskey { -pubkeyfile filename | | -privkeyfile filename | | -reset }

Parameters

-pubkeyfile filename | -privkeyfile filename | -reset

During the Universal Serial Bus (USB) initialization of the Lenovo Storage V series system, one of the node canisters in the control enclosure creates a public/private key pair to use for Secure Shell (SSH). The node canister stores the public key and writes the private key to the USB flash drive memory.

One of the file modules then takes the private key from the USB flash drive memory to use for SSH. The file module passes it to the other file module over the direct connect Ethernet link and then deletes the private key from the USB flash drive memory so that it cannot be used on the wrong system.

Note:

The pubkeyfile parameter must be an alphanumeric string up to 255 characters in length, and the file must be less then 2048 bytes.
The privkeyfile must be an alphanumeric string up to 251 characters in length.

pubkeyfile provides an existing public keyfile in use. This does not generate anything, but replaces the currently used public key with another public key. The private key file on the file modules is use it to generate the original public key file when it is set on the system.

privkeyfile generates the public and private key pair, and sets the public key on the system. It also provides the private key for installation on the file modules (in the /dumps directory or on the USB stick depending on what was used).

-reset

(Optional) Specifies that the public and private key pair should be cleared, and the system should be reset.

Description

It might be necessary to reset the Network Attached Storage (NAS) SSH key in the following circumstances:

When communications between the IBM Storwize^® V7000 for Lenovofile module and the IBM Storwize^® V7000 for Lenovo control enclosure is not authorized because of a bad key.
When both IBM Storwize^® V7000 for Lenovo file modules have lost the original NAS SSH key.
When the IBM Storwize^® V7000 for Lenovo control enclosure has lost the NAS SSH key.

Resetting the NAS SSH key

Reset the NAS SSH key so that communications between the file modules and the IBM Storwize^® V7000 for Lenovo control enclosure resume: