HP-UX AAA Server A.08.02 Administrator's Guide
Contents
1 Overview: The HP-UX AAA Server .............................................................22
RADIUS Topology ..................................................................................................................22
Establishing a RADIUS Session.................................................................................................23
Product Structure.....................................................................................................................24
HP-UX AAA Server Daemon, Libraries, and Utilities ...............................................................24
HP-UX AAA Server Manager Program .................................................................................24
Documentation..................................................................................................................24
HP-UX AAA Server Architecture ...............................................................................................25
Configuration Files ............................................................................................................25
AATV Plug-Ins ...................................................................................................................26
The Software Engine: Finite State Machine ...........................................................................26
HP-UX AAA Server Commands, Utilities and Daemons................................................................26
Handling an Access Request....................................................................................................26
Authentication to Verify the Client and User ..........................................................................27
Authorization to Control Sessions and Access to Services .......................................................29
Authorization Steps .......................................................................................................30
Session Logs For Accounting ...................................................................................................32
IPv6 Support for External Services.............................................................................................32
HP-UX AAA Server as a Client.............................................................................................32
2 Upgrading to Version A.08.02...................................................................33
The HP-UX AAA Server Upgrade Process...................................................................................33
Upgrading from Versions A.07.00, A.06.02, A.06.01, or A.07.01 to Version A.08.02.....................33
Upgrading from Version A.06.00.x to Version A.08.02...............................................................34
Upgrading from Version A.05.x to Version A.08.02....................................................................36
Merging the Dictionary File......................................................................................................36
Merging the radius.fsm File......................................................................................................36
Merging the vendors File.........................................................................................................36
3 Installing and Securing the HP-UX AAA Server.............................................37
Acquiring the HP-UX AAA Server Software.................................................................................37
Installing and Uninstalling the HP-UX AAA Server.......................................................................37
To Install the HP-UX AAA Server...........................................................................................37
To Uninstall the HP-UX AAA Server Software..........................................................................38
HP-UX AAA Server File Locations .............................................................................................38
Securing the HP-UX AAA Server...............................................................................................42
Changing the Default HP-UX AAA Server Settings .................................................................42
Changing the Default Tomcat User Name and Password....................................................42
Changing the Default RMI Objects Secret.........................................................................42
Changing the Default test_user Settings............................................................................43
Changing the Default localhost Proxy Settings...................................................................43
Environment Specific Security Procedures .............................................................................43
Using Secure Socket Layer (SSL) for Secured Remote Server Manager Administration..............43
Creating a Tomcat Identity Specifically for the HP-UX AAA Server .......................................44
Running the HP-UX AAA Server on Hosts with System Hardening Software............................45
Running the HP-UX AAA Server as a Non-Root User...........................................................45
Setting Up the HP-UX AAA Server to Start as Non-Root User After Reboot.............................46
4 Enabling the HP-UX AAA Server for GUI-based Administration.......................48
Accessing the Server Manager.................................................................................................48
Starting and Stopping the RMI Objects.................................................................................48
Starting and Stopping Tomcat.............................................................................................49
Testing the Installation ............................................................................................................49
20 Contents