HP-UX AAA Server A.08.02.10 Administrator's Guide HP-UX 11i v3 (T1428-90093, November 2013)
Contents
1 Overview: The HP-UX AAA Server .............................................................23
RADIUS Topology ..................................................................................................................23
Establishing a RADIUS Session.................................................................................................24
Product Structure.....................................................................................................................25
HP-UX AAA Server Daemon, Libraries, and Utilities ...............................................................25
HP-UX AAA Server Manager Program .................................................................................25
Documentation..................................................................................................................25
HP-UX AAA Server Architecture ...............................................................................................26
Configuration Files ............................................................................................................26
AATV Plug-Ins ...................................................................................................................27
The Software Engine: Finite State Machine ...........................................................................27
HP-UX AAA Server Commands, Utilities and Daemons................................................................27
Handling an Access Request....................................................................................................27
Authentication to Verify the Client and User ..........................................................................28
Authorization to Control Sessions and Access to Services .......................................................30
Authorization Steps .......................................................................................................31
Session Logs For Accounting ...................................................................................................33
IPv6 Support for External Services.............................................................................................33
HP-UX AAA Server as a Client.............................................................................................33
2 Upgrading to Version A.08.02.10...............................................................34
The HP-UX AAA Server Upgrade Process...................................................................................34
Upgrading from Versions A.07.00, A.06.02, A.06.01, or A.07.01 to Version A.08.02.10.................34
Upgrading from Version A.06.00.x to Version A.08.02.10...........................................................35
Upgrading from Version A.05.x to Version A.08.02.10................................................................37
Merging the Dictionary File......................................................................................................37
Merging the radius.fsm File......................................................................................................37
Merging the vendors File.........................................................................................................37
3 Installing and Securing the HP-UX AAA Server.............................................38
Acquiring the HP-UX AAA Server Software.................................................................................38
Installing and Uninstalling the HP-UX AAA Server.......................................................................38
To Install the HP-UX AAA Server...........................................................................................38
To Uninstall the HP-UX AAA Server Software..........................................................................39
HP-UX AAA Server File Locations .............................................................................................39
Securing the HP-UX AAA Server...............................................................................................43
Changing the Default HP-UX AAA Server Settings .................................................................43
Changing the Default Tomcat User Name and Password....................................................43
Changing the Default RMI Objects Secret.........................................................................43
Changing the Default test_user Settings............................................................................44
Changing the Default localhost Proxy Settings...................................................................44
Environment Specific Security Procedures .............................................................................44
Using Secure Socket Layer (SSL) for Secured Remote Server Manager Administration..............44
Creating a Tomcat Identity Specifically for the HP-UX AAA Server .......................................45
Running the HP-UX AAA Server on Hosts with System Hardening Software............................46
Running the HP-UX AAA Server as a Non-Root User...........................................................46
Setting Up the HP-UX AAA Server to Start as Non-Root User After Reboot.............................47
4 Enabling the HP-UX AAA Server for GUI-based Administration.......................49
Accessing the Server Manager.................................................................................................49
Starting and Stopping the RMI Objects.................................................................................49
Starting and Stopping Tomcat.............................................................................................50
Testing the Installation ............................................................................................................50
Contents 21