HP-UX Secure Resource Partitions (SRP) A.02.01 Administrator's Guide
69
o Creates the compartment-specific startup configuration file,
/var/hpsrp/compartment_name/etc/rc.config.d/sshd, which specifies
the compartment-specific sshd configuration file as a startup argument for sshd.
o Adds the startup and shutdown script secsh to the compartment-specific init.d
directory, /var/hpsrp/compartment_name/sbin/init.d. This file is linked to
the /var/hpsrp/compartment_name/sbin/rc2.d/S393secsh and
/var/hpsrp/compartment_name/sbin/rc1.d/K393sech files.
11.1.3.3 Completing the Configuration
Tasks you might need to perform to complete the configuration include the following:
• Editing the compartment sshd_config file (the default location is
/var/hpsrp/compartment_name/opt/ssh/sshd_config).
• If a client has the StrictHostKeyChecking directive set to yes, you must add the host
public key file (ssh_host_dsa_key.pub or ssh_host_rsa_key.pub) to the client
configuration, as described in the HP-UX Secure Shell documentation.
11.2 Replacing or Deleting SSHD SRP Data
Use the following command to replace sshd template data from an SRP compartment:
srp -r[eplace] compartment_name -t sshd [-s service[,service]...]
The srp -replace command deletes the specified data, then prompts you for replacement data.
For example, the following command deletes all the IPFilter data for the sshd template, then prompts
you for replacement data:
srp -replace mySRP -t sshd -s ipfilter
Use the following command to delete sshd template data from an SRP compartment:
srp -d[elete] compartment_name -t sshd [-s service[,service]...]
CAUTION: If you do not specify the -template and/or -service arguments, srp deletes all
templates and/or services for the compartment. For example, the command srp -delete mySRP
deletes the entire mySRP SRP compartment.
For more information, see
13.2 Deleting Configuration Data and 13.3 Replacing Configuration Data.