HP-UX Host Intrusion Detection System Version 4.1 Administrator's Guide
3. Installing the keys on each host
Install the bundle of keys generated for each agent system on that system. Store
the agent certificate bundle in the /var/opt/ids/tmp directory.
a. Log in as follows:
$su - ids
b. Change directory to /opt/ids/bin, as follows:
$cd /opt/ids/bin
c. Store the key bundle in a directory, such as /var/opt/ids/tmp.
d. Import the following key bundle:
$IDS_importAgentKeys /var/opt/ids/tmp/agentsys.tar.Z
adminsys
Where:
agentsys is the name you entered for this agent system in Step 1.d
adminsys is the host name or IP address of the administration system.
If the administration system is multihomed, you must set the INTERFACE
variable to the IP address that you want to use for HP-UX HIDS
communication. For more information, see “Configuring a Multihomed
Administration System” (page 44).
The certificates for this host and the Root CA are extracted from the
compressed tar file /var/opt/ids/tmp/host1.tar.Z and installed. The
value of REMOTEHOSTS in the configuration file /etc/opt/ids/ids.cf is
changed to adminsys.
The certificates are placed in /etc/opt/ids/certs/agent.
Following is an example of the install process, run on agent system myhost1:
$ IDS_importAgentKeys
/var/opt/ids/tmp/myhost1.tar.Z myadmin
Extracting key pair and certificates...
Modifying the configuration file
/etc/opt/ids/ids.cf to use myadmin as the
IDS Administration host...
********************************************
****************
* Keys for IDS Agent were imported
successfully.
* You can now run the idsagent process on
this machine and control it from the HP-UX
Host IDS System Manager.
********************************************
****************
Setting Up HP-UX HIDS Secure Communications 41