Manualshelf

HP-UX AAA Server A.08.02.10 Administrator's Guide HP-UX 11i v3 (T1428-90093, November 2013)

ManualsBrandsHP ManualsSoftwareHP-UX AAA Server (RADIUS) Software
41424344454647484950
Table 6 Files Generated During Operation
FileDirectory
Default session accounting logs, Merit style/acct/session.yyyy-mm-dd.log
Currently active sessions log file/data/session.las
Shared memory files related to the interface used for some
authentication types.
IMPORTANT: You must not alter or delete the shared memory (*.sm)
files. The server does not operate correctly if the files are changed or
removed from the ipc directory.
/ipc/*.sm
The server log file/logs/logfile
Compressed daily or weekly log files/logs/logfile.yyyymmdd
For session accounting logs in Livingston call detail records directory
style format (not generated by default configuration)
/radacct/*
Contains the process id (pid) for the server./run/radius.pid
Securing the HP-UX AAA Server
Performing the steps in this section increases the security of your HP-UX AAA Server installation.
HP recommends all customers perform the steps in“Changing the Default HP-UX AAA Server Settings
(page 43). Perform the steps in “Environment Specific Security Procedures (page 44) depending
on your environment.
Changing the Default HP-UX AAA Server Settings
The following information explains how to increase the security of your HP-UX AAA Server by
changing some of the default settings. HP recommends that all customers change the default values.
Changing the Default Tomcat User Name and Password
All Tomcat servers come with the same default user name and password. You must change the
user name and password to unique values.
Complete the following steps to change the Tomcat user name and password:
1. Open /opt/hpws22/tomcat/conf/tomcat-users.xml.
2. Look for entries with the roles=“tomcat” string. These entries are valid Tomcat user names and
passwords.
3. Modify the file to include only the user name and password you want to use. Use the following
format:
<user username="new user name" password="new password"
roles="tomcat"/>
Changing the Default RMI Objects Secret
HP recommends changing the default RMI Objects secret.
Complete the following steps to change the default RMI objects secret:
1. Open/opt/hpws22/tomcat/webapps/aaa/WEB-INF/gui.properties.
2. Look for the following entry:
rmi.config.secret = "secret"
3. Change the “secret” portion to a new value
4. Open the /opt/aaa/remotecontrol/rmiserver.properties file.
5. Look for the following entry:
rmi.config.secret = "secret"
Securing the HP-UX AAA Server 43