HP-UX AAA Server A.08.02.10 Administrator's Guide HP-UX 11i v3 (T1428-90093, November 2013)

To use SCP during saving or loading configuration, you must enable key-based authentication,
which does not require a password, between the user account configured to start Tomcat (HP-UX
AAA Server Manager) on the local host and the user account configured to start the RMI Server
on the remote host. The user account configured to start the RMI Server on the remote host is
aaa by default; to change it, modify the rmiserver.aaa.user property in the
rmiserver.properties file.
NOTE: If you do not choose to use SCP, RMI Server is used by default.
Setting up Key-Based Authentication
This section describes how to set up key-based authentication between the user account configured
to start Tomcat (HP-UX AAA Server Manager) on the local host and the user account configured
to start the RMI Server on the remote host.
Setting up key-based authentication involves creating a public-private key set with ssh-keygen,
generating a public-private RSA key pair, and sharing the public key with the user account
configured to start the RMI Server on the remote host.
This section describes the following procedures:
“Creating a Public-Private key set with ssh-keygen”
“Sharing the Public key with Remote Hosts”
Creating a Public-Private key set with ssh-keygen
To create a public-private key set with ssh-keygen on the local host, complete the following
steps:
1. Log in using the name used to start Tomcat.
2. To create the ssh directory, enter the following command at the HP-UX prompt:
# mkdir ~/.ssh
3. Change the permissions of the directory as follows:
# chmod 700 ~/.ssh
4. Change to the ssh directory as follows:
# cd ~/.ssh
5. To create the SSH key pair, complete the following steps:
   1. Enter the following command at the HP-UX prompt:
      # ssh-keygen -t rsa
      The SSH key pair is created.
   2. Enter the file in which you want to save the key. Press Enter to select the default path
      (<your_local_home>/.ssh/id_rsa).
   3. Enter the passphrase. If you do not want a passphrase, press Enter.
      The identification is saved in <your_local_home>/.ssh/id_rsa if the default path
      is selected.
      The public key is saved in <your_local_home>/.ssh/id_rsa.pub if the default
      path is selected.
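The following check is an added example, not part of the HP guide: it audits the directory and key files produced by steps 1 through 5, confirming that the directory has the mode set in step 3 and that the private key is readable only by the account that owns it. The function names (mode_of, owner_uid_of, check_ssh_keydir) are hypothetical, and the default key name id_rsa is assumed from the default path above.

```shell
# Added example: audit the key directory produced by steps 1-5.
# Uses only POSIX ls, cut, awk and id, so it does not depend on stat(1).

# mode_of PATH -> prints the 10-character type+permission string, e.g. drwx------
mode_of() {
    ls -ldn "$1" 2>/dev/null | cut -c1-10
}

# owner_uid_of PATH -> prints the numeric UID of the owner
owner_uid_of() {
    ls -ldn "$1" 2>/dev/null | awk '{print $3}'
}

# check_ssh_keydir DIR [KEYNAME]   (KEYNAME defaults to id_rsa, an assumption)
# Returns 0 when DIR and the key pair are private to the calling user;
# otherwise prints each finding and returns 1.
check_ssh_keydir() {
    dir=$1
    key=${2:-id_rsa}
    me=$(id -u)
    rc=0

    if [ ! -d "$dir" ]; then
        echo "FAIL: $dir is not a directory"; return 1
    fi
    [ "$(mode_of "$dir")" = "drwx------" ] ||
        { echo "FAIL: $dir mode is $(mode_of "$dir"), expected drwx------ (chmod 700)"; rc=1; }
    [ "$(owner_uid_of "$dir")" = "$me" ] ||
        { echo "FAIL: $dir is not owned by uid $me"; rc=1; }

    if [ ! -f "$dir/$key" ]; then
        echo "FAIL: private key $dir/$key is missing"; rc=1
    else
        case $(mode_of "$dir/$key") in
            -rw-------|-r--------) ;;   # owner-only access
            *) echo "FAIL: $dir/$key is accessible by group or other"; rc=1 ;;
        esac
        [ "$(owner_uid_of "$dir/$key")" = "$me" ] ||
            { echo "FAIL: $dir/$key is not owned by uid $me"; rc=1; }
    fi

    [ -f "$dir/$key.pub" ] ||
        { echo "FAIL: public key $dir/$key.pub is missing"; rc=1; }

    [ "$rc" -eq 0 ] && echo "OK: $dir/$key is private to uid $me"
    return "$rc"
}
```

Run it as the account used to start Tomcat, for example check_ssh_keydir ~/.ssh, before relying on SCP for saving or loading configuration.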
Sharing the Public key with Remote Hosts
To share the public key with the user account configured to start the RMI Server on the remote host
from the local host where HP-UX Server Manager GUI is running, complete the following steps: