Guardian User's Guide

ManualsBrandsHP ManualsServerHP NonStop G-Series

341

342

343

344

345

346

347

348

349

350

Managing Users and Security

Guardian User’s Guide—425266-001

16-20

Accessing a File on a Remote System

The user at system \EAST entered the matching password and now has remote access to

system \WEST as ADMIN.BILL.

ADMIN.BILL, logged on at system \EAST, does not have the same status at \WEST as

does the ADMIN.BILL at \WEST. Because ADMIN.BILL at \EAST is a remote

accessor of \WEST, this user cannot access disk files on \WEST that are secured for

local access only.

Also, if ADMIN.BILL on \EAST creates a process on \WEST that attempts to access the

home terminal on \EAST, the attempt will fail because remote passwords to allow

access from \WEST to \EAST were not established.

For ADMIN.BILL to gain access to \EAST from \WEST, an allow-access password

must be defined for ADMIN.BILL at \EAST, matched by a request-access password at

\WEST. For example, this is entered first at \EAST and then at \WEST:

Now users logged on as ADMIN.BILL at either system \WEST or system \EAST have

access to both systems.

Considerations for Remote Passwords

•

When matching remote passwords are established on both systems, a user does not

need to specify the remote password to gain access to the remote system.

Furthermore, the super IDs at the various nodes in a network can set up the

appropriate allow-access and request-access passwords for all users so that the users

themselves need not be concerned with REMOTEPASSWORD commands. When

the appropriate passwords are established for a user, the user can access files

remotely without being aware of the network passwords.

•

The absence of an allow-access password prevents remote access by anyone acting

as that user. Thus, if MARKETNG.SUE does not supply an allow-access password,

no remote user with the same user ID can access MARKETNG.SUE’s home system

as MARKETNG.SUE.

•

A remote password, once defined, remains in effect until modified by a subsequent

REMOTEPASSWORD command. To remove the remote password for the system

\EAST:

To remove all of the user’s remote passwords:

•

Request-access passwords and allow-access passwords can be specified at any time.

Remote access is permitted as soon as both remote passwords are defined (provided

they match).

10> LOGON ADMIN.BILL

11> REMOTEPASSWORD \EAST, AARDVARK

10> REMOTEPASSWORD \EAST

10> REMOTEPASSWORD