
Add SSH key to iLO4 user for authentication

This how-to is based on https://lodge.glasgownet.com/tech/automating-server-startup-with-hp-ilo/ but adapted to iLO 4 (2.73).

1. iLO User

To add a new user, log in to the iLO web interface and select Administration > User administration. For the purposes of this how-to, a user named ilouser is created.

To set up key-based authentication, it is wise to set up a user with only the functions you require enabled. Note down the password, but be aware that it is not required after this stage.

2. SSH Key
Once the user has been set up on the iLO, a key pair with the same username has to be generated. At the command line on a Linux machine, generate the key pair with:

ssh-keygen -f ilouser -C ilouser

ssh-keygen will ask you to enter a passphrase. If you add a passphrase, you will have to supply it every time you log in; this is the safest route. Optionally, you can skip the passphrase so you can log in directly.

The example above will create a 3072-bit RSA (and SHA256) key, which results in two files:

pihole:tmp $ ls
ilouser ilouser.pub

ilouser – this private key remains on the source machine
ilouser.pub – this is the public part that will get uploaded to the iLO

Do not change the permission modes on the files, as SSH checks them on use. It will not use files with loose permissions.

3. iLO SSH Key Authentication
Log in to the iLO again, and select the Administration > Security menu. Tick the checkbox in front of the ilouser user and select Authorize new key. A new element will appear, into which you have to paste the contents of ilouser.pub. In your bash shell, type:

cat ilouser.pub

Then copy and paste the entire content as-is into iLO, including the ssh-rsa and ilouser bits. Finish by clicking ‘Import Public Key’.

4. Testing Login
Test that the system can log in by specifying the location of the private key (the file without the .pub), the username to log in with, and the hostname.

ssh -i /home/username/ilouser ilouser@server.lan

All being well, you will be presented with the iLO SSH interface after a short delay. If you encounter an error involving dispatch_protocol_error, then your iLO firmware should be updated. The iLO will still allow you to execute commands non-interactively, though.
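
A pre-flight check for the key pair from steps 2 and 3, as an added example that is not part of the original how-to: it verifies the three things the steps rely on (tight permissions on the private key, an ssh-rsa public key on a single line, and a comment equal to the iLO username) before anything is pasted into the web interface. The function name check_ilo_key is hypothetical, and stat -c assumes GNU coreutils on Linux.

```shell
#!/bin/sh
# Added example, not from the original how-to. check_ilo_key is a
# hypothetical helper; stat -c is the GNU coreutils form (Linux).
# Usage after sourcing this file: check_ilo_key ./ilouser ilouser

check_ilo_key() {
    key=$1          # private key path, e.g. ./ilouser
    user=$2         # iLO username the key comment must match
    pub="$key.pub"
    rc=0

    if [ ! -f "$key" ] || [ ! -f "$pub" ]; then
        echo "FAIL: $key or $pub is missing" >&2
        return 2
    fi

    # Private key: any group/other permission bit makes ssh refuse the file.
    mode=$(stat -c '%a' "$key")
    case "$mode" in
        ?00) ;;
        *) echo "FAIL: $key has mode $mode (group/other bits set)" >&2; rc=1 ;;
    esac

    # Public key: exactly one line of "type base64-blob comment".
    lines=$(grep -c '' "$pub" || true)
    if [ "$lines" -ne 1 ]; then
        echo "FAIL: $pub has $lines lines, expected 1" >&2
        return 1
    fi
    read -r ktype blob comment < "$pub" || true

    [ "$ktype" = "ssh-rsa" ] ||
        { echo "FAIL: key type is '$ktype', not ssh-rsa" >&2; rc=1; }

    # Base64 of the wire header 00 00 00 07 "ssh-rsa" always starts like this.
    case "$blob" in
        AAAAB3NzaC1yc2E*) ;;
        *) echo "FAIL: blob is not an ssh-rsa key (truncated or wrong file?)" >&2; rc=1 ;;
    esac

    [ "$comment" = "$user" ] ||
        { echo "FAIL: comment '$comment' does not match iLO user '$user'" >&2; rc=1; }

    [ "$rc" -eq 0 ] && echo "OK: $pub is ready to paste for iLO user $user"
    return "$rc"
}
```

A non-zero return means the key pair should be regenerated or its permissions fixed before the public key is imported.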