Manualshelf

HP-UX AAA Server A.08.00.01 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
919293949596979899100
NOTE: More than one administrator cannot edit the same functional area (access
device, proxies, local realms, users, server properties) of a server configuration at the
same time. After you access the configuration screens for a functional area, the Server
Manager does not allow others to access that functional area until you have moved to
a different item.
NOTE: Selecting Save Server Attributes Only saves the group and server attributes
on the host running Tomcat (HP-UX AAA Server Manager) to the host running HP-UX
AAA Servers. However, the configuration files of the individual HP-UX AAA Servers
are not saved.
Enhancing Loading and Saving Performance Using Secure Copy Protocol
You can load and save configuration files using the RMI Server or the Secure Copy
Protocol (SCP). SCP reduces the time required to load and save configuration files.
To use SCP during saving or loading configuration, you must enable key-based
authentication, which does not require a password, between the user account configured
to start Tomcat (HP-UX AAA Server Manager) on the local host and the user account
configured to start the RMI Server on the remote host. In the user account configured
to start the RMI Server on the remote host, the default : aaa,
rmiserver.aaa.user property in the rmiserver.properties file can be modified
to change the default aaa value.
NOTE: If you do not choose to use SCP, RMI Server is used by default.
Setting up Key-Based Authentication
This section describes how to set up key-based authentication between the user account
configured to start Tomcat (HP-UX AAA Server Manager) on the local host and the
user account configured to start the RMI Server on the remote host.
Setting up key-based authentication involves creating a public-private key set with
ssh-keygen, generating public-private rsa key pair, and sharing the public key with
the user account configured to start the RMI Server on the remote host.
This section describes the following procedures:
“Creating a Public-Private key set with ssh-keygen” (page 93)
“Sharing the Public key with Remote Hosts” (page 94)
Creating a Public-Private key set with ssh-keygen
To create a public-private key set with ssh-keygen on the local host, complete the
following steps:
1. Log in using the name used to start Tomcat.
Loading and Saving Your Configuration 93