Sun Microsystems V40Z Server User Manual


 
58 Sun Fire V20z and Sun Fire V40z Servers, Server Management Guide May, 2004
Note Use scp to copy the files to either /tmp or to your home directory. The sp
commands will then install the file specified on the command line.
Creating Trusted Host Relationships
Adding a trusted host relationship is one way to allow for passwordless access and
thus is a means for one-to-many scripting. Once a host equivalence relationship has
been created with a client, users on that client can remotely execute commands on
the Service Processor without being prompted for a password, provided one of the
following conditions is met:
The user’s login name on the client is the same as that of a local user on the SP.
The user’s login on the client belongs to a directory service group that is mapped
to an SP administrative group. (In this case, the SSH command executes as a well
known auxiliary user on the SP; either rmonitor, radmin, or rmanager.)
Note – Support is available for SSH protocol version 2 key types (RSA or DSA) only.
If DNS is enabled on the SP, the client machine must be specified with its DNS name,
not an IP address.
Manager-level users can create a trusted host relationship for the specified host from
the command line using the access add trust command:
# access add trust {-c | --client} HOST {-k | --keyfile} \
PUBLIC KEY FILE
Adding Public Keys
Adding a user’s public key is another way to allow for passwordless access and thus
provide one-to-many scripting. Once a public key for a specific user has been
installed on the SP, that user can remotely execute commands on the SP without
being prompted for a password, if that user has installed the associated private key
on the client.
Note – Support is available for SSH protocol version 2 key types (RSA or DSA) only.
Only local users can add public keys. Users who obtain authorization from directory
services group mappings are not able to add public keys.
Local admin-level or manager-level users can add public keys using the access
add public key command: