Managing Systems and Workgroups: A Guide for HP-UX System Administrators
Configuring a System
Using Distributed Systems Administration Utilities
Chapter 3 237
Pick one of the cluster members and copy these files to the same
directory on the other cluster members. Using the “cluster copy” or cpp
tool is a quick way to do this, using the following commands:
# cd /opt/ssh/etc/
# ccp ssh_host_* /opt/ssh/etc/
Then from each log consolidation client, perform a standard ssh key
exchange with the relocatable IP address of the clog package. One way
to do this is using the csshsetup tool (see csshsetup (1)), as follows:
# csshsetup <DNS name of the clog package>
csshsetup will prompt for the password of the cluster in order to do the
initial key exchange.
Using Bastille to Harden the System
Bastille is a security-hardening lockdown tool that can be used to
enhance the security of the HP-UX operating system. It provides
customized lockdown on a system-by-system basis by allowing the
administrator to choose which security features to enable or disable from
hardening/lockdown checklists.
Bastille can be used to harden a log consolidation server. When enabling
IP filtering, note that the following ports must be left open for syslog and
syslog-ng:
• UDP 514 – this port is used by syslogd clients for forwarding log
messages
• TCP port <selected port> - the administrator chooses which TCP port
a syslog-ng log consolidator uses to receive messages.
• TCP port 22 – When using ssh port forwarding to create encrypted
tunnels, the remote clients communicate with the log consolidation
server’s sshd daemon. In a default configuration, this daemon listens
on TCP port 22.
Viewing Consolidated Logs
Use the System Management Homepage’s System Log Viewer to filter
and view a system’s local syslog log files. For a system that is also a log
consolidator, the System Log Viewer also filters and displays the
consolidated logs.