HP-UX Secure Resource Partitions (SRP) A.02.01 Administrator's Guide

11.1.3.1 Input Data
SRP prompts for the following data:
sshd data path
    Specifies the compartment-specific target directory for sshd configuration and
    key files.
    Variable Name: data_path
    Default: /var/hpsrp/compartment_name/opt/ssh

sshd executable path
    The location of the executables for the HP-UX Secure Shell product.
    Variable Name: exec_path
    Default: /opt/ssh

Copy SSH config data from
    Specifies the directory from which you want to copy SSH configuration data. In
    most cases, this should be the newconfig directory shipped with the HP-UX
    Secure Shell product.
    Variable Name: data_src
    Default: /opt/ssh/newconfig

sshd port number
    Specifies the TCP port number on which the compartment sshd will receive
    connection requests.
    Variable Name: sshd_port
    Valid Input: A TCP port number in the range 1-65535
    Default: 22, the IANA registered port number for SSH login

sshd provision script
    Specifies the provision script to be used to configure the sshd server in the
    compartment.
    Variable Name: script_name
    Default: /opt/hpsrp/bin/util/secsh_setup

11.1.3.2 Configuration Data
By default, the /opt/hpsrp/bin/util/secsh_setup script:

- Uses the SSH ssh-keygen utility to generate an RSA key pair to use for the sshd host key
  pair. These keys are stored in the compartment-specific sshd data path directory
  (/var/hpsrp/compartment_name/opt/ssh) with the following names:
      ssh_host_rsa_key      (RSA private key)
      ssh_host_rsa_key.pub  (RSA public key)
- Creates a compartment-specific copy of the sshd configuration file by copying the
  sshd_config file from the specified data_src directory to the data_path directory
  and modifying it with compartment-specific data, including setting the HostKey parameter to
  /var/hpsrp/compartment_name/opt/ssh/ssh_host_rsa_key.
- Creates compartment-specific initialization scripts and a startup file to start the sshd with the
  compartment-specific sshd_config file when the compartment startup script is executed.

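
The following check is an added example, not part of this guide or of the secsh_setup script: a POSIX shell audit an administrator could run after provisioning to confirm the results listed above (compartment-specific HostKey, key pair present, private key not group/other accessible). It assumes data_path is passed as an argument and that HostKey should equal data_path/ssh_host_rsa_key, which the guide states for the default data_path; the function names valid_port, effective_hostkeys and check_srp_sshd are hypothetical, and the demo directory at the end is constructed sample data.

```shell
#!/bin/sh
# Added example: audit one compartment's sshd data_path after provisioning.
# Uses only standard POSIX tools; no SRP commands are called.

# valid_port N: succeeds when N is a TCP port in 1-65535 (the documented range).
valid_port() {
    case "$1" in
        ''|*[!0-9]*) return 1 ;;
    esac
    [ "${#1}" -le 5 ] && [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# effective_hostkeys FILE: print every active (uncommented) HostKey value.
effective_hostkeys() {
    awk 'tolower($1) == "hostkey" { print $2 }' "$1"
}

# check_srp_sshd DATA_PATH: print findings, return non-zero if any check fails.
check_srp_sshd() {
    dp=$1; rc=0
    cfg=$dp/sshd_config
    key=$dp/ssh_host_rsa_key
    [ -f "$cfg" ] || { echo "FAIL: missing $cfg"; return 1; }
    # The only active HostKey must be the compartment's own key, not a shared one.
    hk=$(effective_hostkeys "$cfg")
    [ "$hk" = "$key" ] || { echo "FAIL: HostKey is '$hk', expected $key"; rc=1; }
    [ -f "$key.pub" ] || { echo "FAIL: missing $key.pub"; rc=1; }
    if [ -f "$key" ]; then
        # Characters 5-10 of the ls mode string are the group/other permission bits.
        perms=$(ls -ld "$key" | cut -c5-10)
        [ "$perms" = "------" ] || { echo "FAIL: $key is group/other accessible"; rc=1; }
    else
        echo "FAIL: missing $key"; rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK: $dp"
    return "$rc"
}

# Constructed demo: a throwaway directory standing in for a compartment data_path.
demo=${TMPDIR:-/tmp}/srp_sshd_demo.$$
(umask 077; mkdir "$demo") || exit 1
: > "$demo/ssh_host_rsa_key"; : > "$demo/ssh_host_rsa_key.pub"
chmod 600 "$demo/ssh_host_rsa_key"
printf '#HostKey /unused\nHostKey %s/ssh_host_rsa_key\n' "$demo" > "$demo/sshd_config"
check_srp_sshd "$demo"
rm -rf "$demo"
```

On a provisioned system the argument would be the compartment's data_path, for example the default /var/hpsrp/compartment_name/opt/ssh with the real compartment name substituted.
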
The setup script: