Manualshelf

HP Systems Insight Manager 5.3 Technical Reference Guide

ManualsBrandsHP ManualsSoftwareHP Systems Insight Manager for HP-UX
161162163164165166167168169170
Installing OpenSSH
Managing SSH keys
About secure task execution
HP SIM
tasks
that cause state or configuration changes on
managed systems
use STE to issue commands to
the system. STE enables an HP SIM system to securely request execution of a task from a managed system,
ensuring that the
user
requesting the task has the appropriate rights to perform the task. The request includes
a digital signature to uniquely identify the HP SIM system making the request.
SSL
is then used to encrypt
the request and protect the data from alteration or eavesdropping. See “Setting up trust relationshipsfor
more information.
NOTE: STE requires a Trusted Management Servers List at each managed system to ensure that only
specified HP SIM systems can execute tasks on the system.
NOTE: On the managed system, only a Trust by Certificate ensures that the request came from the specified
HP SIM system. Other options, such as Trust by Name or Trust All, do not verify the
digital signature
of the
HP SIM system and; therefore, these options cannot reliably verify the sender of the request.
NOTE: Tasks that use STE, such as Replicate Agent Settings and Install Software and Firmware, cannot be
executed on a Virtual Cluster system. However, they can be executed directly on each individual system in
the
cluster
.
Related topics
Exporting a server certificate
Setting up trust relationships
Requiring trusted certificates
Creating a server certificate
Installing OpenSSH
Managing SSH keys
Configuring the system link
To choose the name format used when creating links to
managed systems
. The System Link Configuration
setting defines how HP SIM creates browser links to remote systems and how it communicates with remote
systems for certain requests.
NOTE: When you browse to
systems
using
SSL
, the system name must match the name in the system
certificate
.
To configure the system link:
1. Select OptionsSecuritySystem Link Configuration. The System Link Configuration page
appears.
2. Select from the following options:
Use the system name. Select this option to use the system name.
Use the system IP address. Select this option to use the system IP address. For systems with
multiple addresses, you can enter multiple links.
Use the system full DNS name. Select this option to use the full system
DNS
name.
Note: On an HP-UX or Linux
CMS
, the default value is Use the system full DNS name on new HP
SIM installations. New installations on Windows defaults to Use the system name, and upgrades
maintain the existing setting regardless of the operating system.
Note: During
discovery
, the full system DNS name is used as the primary lookup key. Otherwise, the IP
address is used.
About secure task execution 167