HP Data Protector 6.1 software VMware Integration Installation Best Practice
20
Appendix A
This section covers the following:
Enabling SSH-login on an ESX Server, see below
Firewall configuration, see page 20
DVDs and downloadable binaries, see page 22
For more information, see page 23
Enabling SSH-login on an ESX Server
1. Login via the console.
To enable SSH login access, use the console. For example, with the help of the iLO Remote
Console (part of the HP server):
The password that you need to enter here was provided during the ESX installation.
2. Enable root login.
In the file: /etc/ssh/sshd_config, set the parameter PermitRootLogin to yes.
Note: Do not confuse this with the ssh_config file in the same directory.
3. Restart the SSH-daemon.
To make the changes active, restart the ssh-deamon:
# /etc/init.d/sshd restart or # service sshd restart
Note: If you want to disable root login for SSH, change the file sshd_config back and
restart the SSH daemon. However, this will block patching the ESX Server by a Data Protector
Installation Server.
Firewall configuration
Data Protector uses by default only two dedicated ports: 5555 (Inet) and 5556 (Java GUI). All
other ports used by Data Protector are dynamically allocated in the range of 1024 to 65535. In
cases where firewalls become important, this range can be restricted to a smaller number of
usable ports. The esxcfg-firewall command and two omnirc variables can be used to define
a narrower range of ports.
It is possible to use the esxccfg-firewall command manually to open ports for an
application. However, especially if many ESX servers have to be installed, it is preferable to
create an xml file in the directory /etc/vmware/firewall that opens one or more ports or
port ranges.