Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.00 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
61626364656667686970
9 Using the sshd Template
This chapter describes how to use the sshd template to add configuration data for hosting an
HP-UX Secure Shell daemon (sshd) in an SRP compartment. You can also use the sshd template
to delete or modify the sshd template data for a compartment.
This chapter addresses the following topics:
Adding the sshd Template to an SRP Compartment” (page 61)
“Starting the SRP Compartment” (page 50)
“Replacing or Deleting SSHD SRP Data” (page 64)
Adding the sshd Template to an SRP Compartment
To use the sshd template, you must create a base SRP compartment first, then add the sshd
template to the compartment. For example:
srp -add myCmpt # create a base SRP compartment
srp -add myCmpt -template sshd
Requirements for Running srp
You must have superuser capability to run the srp utility. In addition, most system configurations
require you to be in the INIT compartment so that srp can modify the system and subsystem
configuration files. For more information, see “Run Environment for the SRP Session” (page 29).
Syntax
The syntax for adding the sshd template to an SRP compartment is as follows:
srp -a[dd] compartment_name -t[emplate] sshd [-s[ervice]
service[,service]...]
Where:
compartment_name
Specifies the name of an existing SRP compartment.
service
Specifies the name of the service to configure. The following services
are valid with the sshd template:
cmpt
ipfilter
provision
If you do not specify any services in the command line, srp prompts
you for the services you want to apply and displays a list of the default
services that are valid with the sshd template. If you are using the
factory-configured default services, the only valid default service is
cmpt.
The input data for these services and the data configured are described
in the sections that follow. If SRP uses input data for multiple services,
the srp utility prompts you for the data once and reuses the value.
The cmpt Service
The cmpt service for the sshd template configures Security Containment file system rules to
allow the compartment to access the specified Secure Shell directories.
Adding the sshd Template to an SRP Compartment 61