Manualshelf

HP-UX Secure Resource Partitions (SRP) A.02.02 Administrator's Guide

ManualsBrandsHP ManualsSoftwareHP-UX Containers (SRP)
61626364656667686970
69
13 Using the sshd Template
This chapter describes how to use the sshd template to configure and provision an HP-UX Secure
Shell daemon (sshd) in an SRP compartment. You can also use the sshd template to delete or modify
the sshd template data for a compartment.
This chapter addresses the following topics:
13.1 Adding the sshd Template to an SRP Compartment
13.2 Replacing or Deleting SSHD SRP Data
13.1 Adding the sshd Template to an SRP Compartment
To use the sshd template, you must create a SRP compartment first, then add the sshd template to
the compartment. For example:
srp -add mySRP # create a SRP compartment
srp -add mySRP -template sshd
The syntax for adding the sshd template to an SRP compartment is as follows:
srp -a[dd] srp_name -t[emplate] sshd [-s[ervice] service[,service]...]
Where:
srp_name
Specifies the name of an existing SRP compartment.
service
Specifies the name of the service to configure. The following services are
valid with the sshd template:
cmpt
ipfilter
provision
If you do not specify any services in the command line, srp prompts you
for the services you wa
nt to apply and displays a list of the default services
that are valid with the sshd template. If you are using the factory-
configured default services, the only valid default service is
cmpt,provision.
The input data for these services and the data configured are described in
the sections that follow. If SRP uses input data for multiple services, the srp
utility prompts you for the data once and reuses the value.
13.1.1 The cmpt Service
The cmpt service for the sshd template configures Security Containment file system rules to allow the
compartment to access the specified Secure Shell directories.
13.1.1.1 Input Data
SRP prompts for the following data. You can also specify a variable name and value in the command
line, as described in
15.1 Creating an SRP Compartment or Adding Data to an SRP.
sshd data path
Specifies the compartment-specific target directory for sshd configuration
and key files.