Operating System - HP-UX
1748214 Members
3158 Online
108759 Solutions
New Discussion юеВ

General Ignite-UX question

 
Chris Kosanovich
Occasional Advisor

General Ignite-UX question

I want to know if this configuration will still let my ignite server work.

I want to have all of my servers accessable only though one machine and only one account on that machine. For example to log into servers X,Y, or Z you have to first log into machine A and then from there su to user ssh and from A you can log into X, Y, or Z. My question is if my Ignite server is set up on Z will it still work for new clients?

What protocols does the ignite use? It uses tftp to get some things but what else does it use? I need the server to be functional but not a security risk. Are there any specific suggestions anyone has on this point?

Sorry for the different questions. The main one i need answered is the first one but any additional advice would be greatly appreciated.
Thanks

-Chris
4 REPLIES 4
pap
Respected Contributor

Re: General Ignite-UX question

As long as you put the entry for ignite server in all machine's /.rhosts file, you should be fine.

COnfigure the machines as clients in Ignite server but you need to have telnet, tftp services enabled in your /etc/inietd.conf file.

-pap
"Winners don't do different things , they do things differently"
Sridhar Bhaskarla
Honored Contributor

Re: General Ignite-UX question

Chris,

What you are trying to do is called "ssh gateway". It may not work if you remove access to "r" commands as ignite uses remsh/rexec and/or NFS.

-Sri
You may be disappointed if you fail, but you are doomed if you don't try
hari jayaram_1
Frequent Advisor

Re: General Ignite-UX question

Chris,

If all systems need to go through A and then to Z I am not sure how you will be able to give a make_net_recovery command where you have to specify the ignite server for the -s option.

Secondly if you are going to only push an image out to the new server then is server z located on the same subnet as the target as you might require helper address if they are on different sub nets.

If they are located on the same subnet then you will have to still have remsh access, tftp access and export directories.

Thanks

Regards

Har
John Carr_2
Honored Contributor

Re: General Ignite-UX question

Hi

I think the answer to question one is yes.

effectively what we need to clarify is if one is logged into the ignite server in a secure shell is it possible to push a golden image to a fresh machine ?

cheers
John.