How to generate an SSH key pair for installing Ops Manager v2.6 on vSphere

Article ID: 316807

Products

VMware Cloud PKS

Issue/Introduction

To install Ops Manager v2.6 on vSphere, you must provide a public SSH key. You cannot install Ops Manager v2.6 using a password.

If you do not add a public SSH key, or the format of the SSH key you provide is not what Ops Manager expects, Ops Manager shuts down automatically because it cannot find a key and may enter a reboot loop.

For more information, see Passwords Not Supported for Ops Manager VM on vSphere in the Ops Manager v2.6 release notes.


Environment

VMware PKS 1.x

Resolution

Generate an SSH Key pair:

You can use the OpenSSH utility named ssh-keygen to create a public/private SSH key pair that will support installation of Ops Manager v2.6. The ssh-keygen utility is provided on Unix and Windows machines. See SSH-KEYGEN for more information.

To generate a default SSH key pair, run the following command:

ssh-keygen

When prompted, enter a name for the file, or press enter to accept the default file name (`id_rsa`):
Enter file in which to save the key (/Users/user/.ssh/id_rsa): my-ssh-key-for-om26

When prompted, enter a passphrase, or press enter for no passphrase:
Enter passphrase (empty for no passphrase):
Enter same passphrase again:

For example:

ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/Users/user/.ssh/id_rsa): my-ssh-key-for-om26
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in my-ssh-key-for-om26.
Your public key has been saved in my-ssh-key-for-om26.pub.
The key fingerprint is:
SHA256:Un7M2lQxVdlO1FXfbg/03iM8OKl8MXrP/TTZRpwxr+Y [email protected]
The key's randomart image is:
+---[RSA 2048]----+
|            o..o@|
|             o .*|
|        .   . .=o|
|       o o . . +*|
|      . S =   ..B|
|       . = o+  *=|
|        . o+o+o+B|
|        ...ooo+oo|
|         oo .oE.o|
+----[SHA256]-----+


To verify SSH key generation, run the ls (Unix) or dir (Windows) command in the directory where the keys were generated. You should see both the public and private keys. 
ls
my-ssh-key-for-om26.pub
my-ssh-key-for-om26

 

Instructions to Generate a Custom SSH Key Pair:

The following instructions can be used to customize the size and type of the SSH key.

If necessary, create an SSH directory and make it writable:

mkdir -p ~/.ssh
chown "$USER" ~/.ssh
chmod 700 ~/.ssh


Generate an SSH key with custom options:
ssh-keygen -t rsa -b 4096 -f ~/KEY/PATH/AND/NAME

Where:
`-t` is the key type
`-b` is the key size
`-f` is the key file name and path

For example:

ssh-keygen -t rsa -b 4096 -f ~/.ssh/my-ops-manager_ssh_key

Output:
The key fingerprint is:

SHA256:+OOnoz82ltY5/fOexRDInfJLOP/af72nwO+7b+Bop/c
...
Files generated: 

~/.ssh/my-ops-manager_ssh_key
~/.ssh/my-ops-manager_ssh_key.pub


To view the public SSH key, run the following command:
cat ~/.ssh/my-ops-manager_ssh_key.pub

On Windows, use the type command to view the contents of the public key, for example:
type my-ssh-key-for-om26.pub

The contents of the public SSH key are required in the Public SSH Key field during Ops Manager OVA deployment.
ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQDOIpfdD3bQPtIlQLTD8ALH/MB8UmTlKFmeliHuMW4cinOr4FQ2xgtD1N3scq1zsl+dYS3ldE3fpjsevV1xwbIobcTrPK+H2Teh6xSRLHNVhKNLTinHxrcDsAv+ijGbrh/g7+R7O3lW/3eUJJDoOw9Y16RllvhRkY8cTN4DELLrbfIAlfblaJPXObt+E2rD5h0kf1XYR3bDcKEuq1luxief/8uS/ci+JIKTLMOKYtZnDS52qE9P6kcuLzf9GOc6tzM8wGPoHLiLHRrtrZGUsvTlX2WeT3VtEVngAkLwUcbHjmXmGQwP3BJQBP5VzjGt38GDqgWC0dfqziLijchjhe5H corp\user@host-name

 

Using the Public Key to Configure Ops Manager:

After you generate the SSH key pair, the following files are generated in the directory specified:
NAME_ssh_key
NAME_ssh_key.pub


The public key NAME_ssh_key.pub is used to populate the "Public SSH Key" field during Ops Manager OVA deployment.

To display the contents of the public key, run the following command:

cat NAME_ssh_key.pub
On Windows, use type instead of cat.

The result should be similar to the following:

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAQEAnZBapWsER/EO1hLYvV/rkZe78mUBueZGHx1kw+ByfNbLoA385Cm72L+6qq40yOIH6R42nHN/bynbeHOD4Ptes4/s2lrLJtTzEWgH9XYnId4sE5f+QTFd2kRtTzZcu8WvFudEIyCIWjO+o9yvPETs05dEl/3KDn+t9uXxiszrG9Ycb2uNNpmDES+ohm9BQQFmpwFnao+UuQbRXLCcQ3SoE3Ai5Z9O+3PBwm0IByx87/dUuqvVISAJ8yGu2hJobx9PPStFERtUsfx5x+WIu9XIkrl5tzxgH9hBDsOS9cVUYJ7kKUUf1yyro6ocHyu6TWHJHSJLt8Z2FULxMPpqdn+8Xw== my-key

Copy the entire contents of the public SSH key output and paste it to the Public SSH Key field in the Ops Manager OVA.

 

SSH to the Ops Manager VM:

Ops Manager accepts SSH keys in the ssh-rsa format but not in the ssh-ed25519 format. The default key length of 2048 is the bare minimum. The recommended key length is 4096.

Once Ops Manager is deployed, to SSH to it, add the private key to your local SSH agent.

ssh-add ~/KEY/PATH/AND/NAME
You will be prompted to enter the passphrase you set when you generated the key pair.

Note: To add the private key, ensure that your local SSH agent is active by running the command:

eval `ssh-agent -s`

Verify that you added your SSH key to your local SSH agent.
ssh-add -l

For example, you should see a result similar to the following:
ssh-add -l
4096 32:14:63:00:80:22:ec:0f:6c:ac:97:f8:78:8e:9f:1f /Users/bobjohnson/.ssh/id_rsa (RSA)

 

Note: If you receive an error similar to "Could not open a connection to your authentication agent.", run the following command and try the ssh-add command again:

exec ssh-agent bash
 

Connect to Ops Manager over SSH:

Obtain the public IP of the Ops Manager host and SSH to it as the orchestrator user:
ssh -A [email protected]

For example:
ssh -A [email protected]
Last login: Fri Oct 28 18:17:29 2016 from 192.168.46.1
ubuntu@vm:~$


To verify connectivity, execute the OM CLI. If you cannot connect, exit OM, return to your local host, remove the key pair and try again.

 

Generate an SSH key pair on Windows using PuTTY Key Generator (PuTTYgen):

Download either the PuTTY package or the standalone puttygen.exe file from here (https://www.chiark.greenend.org.uk/~sgtatham/putty/latest.html).

After installation, run PuTTYgen. This will allow you to generate a new public/private key pair. Leave the type of key as RSA and the number of bits at 2,048.



Click Generate to create a new key pair.

Move the mouse over the area provided to generate randomness.


After the key has been generated, PuTTY Key Generator displays the public key in the main window and allows you to add a key comment and passphrase. The key comment must be set to "rsa-key-pks". It is strongly recommended to set a key passphrase in order to protect the private key. This passphrase will be requested any time a login is attempted that presents this private key.

Click Save public key to save the public key to your filesystem.

Click Save private key to save the private key to your filesystem. The private key must be kept secure at all times and must be used to connect to OpsManager from any location.

Select the entire key displayed in the window and copy it to the clipboard.


All of this should be pasted into the OVA deployment field Public SSH Key. You must ensure that the pasted public key is one continuous line. An IDE or other application used to open the saved public key will often introduce line breaks or carriage returns. These invisible characters may prevent the appliance from accepting the key.
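
The following Python script is an added example, not part of the original article or of Ops Manager. It tests a public key line against the constraints stated in this article (ssh-rsa type, at least 2048 bits, one continuous line) before the key is pasted into the Public SSH Key field. The function names are hypothetical, and the sample keys built by make_sample_key are constructed for illustration.

```python
import base64
import struct

MIN_BITS = 2048  # minimum key length stated in this article (4096 recommended)

def _read_field(blob, offset):
    """Read one length-prefixed field of the key blob; return (data, next_offset)."""
    end = offset + 4
    if end > len(blob):
        raise ValueError("truncated key blob")
    end += struct.unpack(">I", blob[offset:end])[0]
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[offset + 4:end], end

def check_public_key(text):
    """Return a list of problems; an empty list means every check passed."""
    line = text.rstrip("\r\n")  # drop the line ending that cat/type append
    if "\n" in line or "\r" in line:
        return ["key spans more than one line (embedded CR/LF)"]
    fields = line.split(None, 2)  # <type> <base64> [comment]
    if len(fields) < 2:
        return ["expected '<type> <base64> [comment]'"]
    if fields[0] != "ssh-rsa":
        return [f"key type {fields[0]!r} is not ssh-rsa"]
    try:
        blob = base64.b64decode(fields[1], validate=True)
        inner_type, off = _read_field(blob, 0)
        _exponent, off = _read_field(blob, off)
        modulus, off = _read_field(blob, off)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        return [f"base64 blob is damaged: {exc}"]
    problems = []
    if inner_type != b"ssh-rsa" or off != len(blob):
        problems.append("blob does not match the ssh-rsa layout")
    bits = int.from_bytes(modulus, "big").bit_length()
    if bits < MIN_BITS:
        problems.append(f"{bits}-bit modulus is below the {MIN_BITS}-bit minimum")
    return problems

def make_sample_key(bits, comment="my-key"):
    """Constructed sample line: valid layout, but the modulus is not a real key."""
    def field(data):
        return struct.pack(">I", len(data)) + data
    n = ((1 << (bits - 1)) | 1).to_bytes(bits // 8, "big")
    blob = field(b"ssh-rsa") + field(b"\x01\x00\x01") + field(b"\x00" + n)
    return f"ssh-rsa {base64.b64encode(blob).decode()} {comment}"

if __name__ == "__main__":
    for bits in (1024, 2048, 4096):
        print(bits, check_public_key(make_sample_key(bits)) or "OK")
```

To check a real key, pass the text of the .pub file to check_public_key() and paste the key only when the returned list is empty.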

After the appliance is deployed, as an additional validation, open the console window to ensure the public key you provided was accepted and is displayed as follows.

Connect to OpsManager using PuTTY with private key authentication:

To connect to the deployed OpsManager with PuTTY, open the application and input the hostname or IP address.

Expand Connection > SSH > Auth and browse for the private key file created and saved above.

Click the Open button to start the SSH session.

Accept the key fingerprint provided by clicking Yes.

A login prompt should appear. Supply the default login username of ubuntu and hit Enter. Type the passphrase you defined earlier and hit Enter.

You are now logged into OpsManager using public/private SSH key authentication with the ubuntu user account.


Additional Information

For more information, see https://community.pivotal.io/s/article/generate-an-ssh-key-pair-for-installing-ops-manager-v2-6-on-vsphere