Skip to main content
Sign Out

Welcome to Dell

My Account
  • Place orders quickly and easily
  • View orders and track your shipping status
  • Enjoy members-only rewards and discounts
  • Create and access a list of your products
  • Manage your Dell EMC sites, products, and product-level contacts using Company Administration.
Sign In Create an Account Premier Sign In Partner Program Sign In
Contact Us

Your Dell.com Carts

Secure Connect Gateway 5.x — Virtual Edition User's Guide

PDF

Add account credentials

About this task

Account or device credentials are required to add a device in secure connect gateway and to collect telemetry, if required. Depending on the devices in your environment, you can create one or more credential accounts for the same device type. However, at a time, only one account credential can be associated with a device type.

For authentication, after the username, you can either choose to enter the password of the device, or upload a key certificate and enter a passphrase. It is recommended to use the key certificate and passphrase method as it is more secure.

Authentication using key certificate includes the following process:

  1. Creating an SSH key pair—a public key and a private key.
  2. Copying the public key to the server.
  3. Using the private key as the passphrase.

For more information about generating and using an SSH key pair, see How to generate a new SSH key.

Steps

  1. Go to Device management > Manage credentials > Manage device credentials > Add credentials.
    The Add account credentials window is displayed.
  2. Enter a credential name.
  3. Select the device type.
    The associated fields are displayed.
  4. You can enter the credentials either manually or using a credential vault. Select one of the following options:
    • To store the credentials locally on the secure connect gateway device, select Manually.
    • To access credentials from the vault, select Use a credential vault. Select the correct vault from the dropdown list and enter the identifiers that the device has been configured with. If you select CCP, you must enter an Account identifier. If you select Conjur, you must enter the Username identifier and Password identifier.
      NOTE:The identifier details are available on the credential vault user interface and the format is as follows:
      • Username identifier—Organization account name /Environment /Safe Name/Name + username
      • Password identifier—Organization account name /Environment /Safe Name/Name + password
      If you have not added a vault, click Add a vault and enter the required information. See Add a credential vault.
  5. Click Add.
  6. Perform one of the following steps:
    • If you select the device type as Server / Hypervisor, select the operating system, enter the username and either enter the password, or upload the key certificate and enter the passphrase.
      NOTE:You cannot add account credentials for a server or hypervisor running the Windows operating system. For the list of supported operating systems, see the Secure Connect Gateway 5.x — Virtual Edition Support Matrix available on the Secure Connect Gateway - Virtual Edition documentation page.
      • If a device is running the Linux operating system, the credentials must have root or sudo user rights. If you provide the username and password of a sudo user, ensure that the sudo user is configured for secure connect gateway. See Configure sudo access for Secure Connect Gateway on a server running Linux operating system.
      • If the device is running ESX or ESXi, you can select the Enable Common Name (CN) check or Enable Certificate Authority (CA) check check boxes to perform additional security checks on the device. To perform a CA check, you can also upload certificates from the local system.
    • If you select the device type as iDRAC, Storage Center (SC) / Compellent, Dell ML3 or PowerVault, enter the username and password of the device. Optionally, select the Enable Common Name (CN) check or Enable Certificate Authority (CA) check check boxes to perform additional security checks on the device. To perform a CA check, you can also upload certificates from the local system.
    • If you select the device type as Chassis, enter the username and either enter the password, or upload the key certificate and enter the passphrase. Optionally, select the Enable Common Name (CN) check or Enable Certificate Authority (CA) check check boxes to perform additional security checks on the device. To perform a CA check, you can also upload certificates from the local system.
    • If you select the device type as Fluid File System (Fluid FS), enter the username and either enter the password, or upload the key certificate and enter the passphrase.
    • If you select the device type as Peer Storage (PS) / Equallogic, select the software type. Enter the username and either enter the password, or upload the key certificate and enter the passphrase, and then enter the community string of the device.
    • If you select the device type as Software and software type as vCentre, enter the username and password of the device. Optionally, select the Enable Common Name (CN) check or Enable Certificate Authority (CA) check check boxes to perform additional security checks on a vCenter. To perform a CA check, you can also upload certificates from the local system. If you select the software type as HIT Kit / VSM for VMware, enter the username and either enter the password, or upload the key certificate and enter the passphrase.
    • If you select the device type as Virtual Machine, select the operating system, and enter the username and either enter the password, or upload the key certificate and enter the passphrase.
    • If you select the device type as Networking, and the operating system type as Others, enter the username and either enter the password, or upload the key certificate and enter the passphrase. Enter the community string of the device. Click Enable SNMP v3 if you have configured your networking device with SNMP v3 for traps. Enter the SNMP v3 details according to the security level. For details see Configure SNMP v3 settings
      NOTE:
      • If you are using a networking device that is running the operating system version 10 and later, ensure that you enter only the username and password for authentication and not the key certificate and passphrase. You must also use the same credentials for SSH or REST.
      • If you have configured the device with Enable password and Community string, you must add Enable password identifier and Community string identifier when you select Conjur credential vault type. The community string is required only for Cisco devices, wireless controllers, and devices from the PowerConnect family 28xx and X series. The identifier details are available on the credential vault user interface and the format is as follows:
        • Enable Password identifier—Organization account name /Environment /Safe Name/Name + password
        • Community string identifier—Organization account name /Environment /Safe Name/Name + username
      . If you select the device type as Networking, and the operating system type as Enterprise SONiC, enter the username and the password.
    • If you select the device type as Solution, for SSH Credentials, enter the username and either enter the password, or upload the key certificate, and enter the passphrase. For REST Credentials, enter the username and password. Optionally, you can select the Enable Common Name (CN) check or Enable Certificate Authority (CA) check check boxes to perform additional security checks on the appliance. To perform a CA check, you can also upload certificates from the local system.
    • If you select the device type as Direct Liquid Cooling, enter the credential name and then enter the community string of the device.
    • If you select the device type as Remote Support SSH, use the credential vault and enter the username identifier and the password identifier. You cannot manually add the username and password for Remote Support SSH.
      NOTE:Devices that have SSH remote support capabilities enabled can share credentials using Remote Support SSH. The supported device types are:
      • Data storage devices other than Fluid File System (Fluid FS), PeerStorage(PS) / Equallogic, Storage Center(SC)/Compellent, PowerVault (MD3 and ME4 Series), Dell ML3.
      • Converged/Hyperconverged Infrastructure other than Webscale.
      • Data Protection.

      For more information about device types that have SSH for remote support capabilities, see the Secure Connect Gateway 5.x - Virtual Edition Support Matrix available on the on the Secure Connect Gateway - Virtual Edition documentation page.

  7. Click Add.
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please provide ratings (1-5 stars).
  Please select whether the article was helpful or not.
  Comments cannot contain these special characters: <>()\