- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- Ignite server
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-12-2006 03:35 AM
тАО06-12-2006 03:35 AM
Hello. Good day to you all.
I have a question regarding security in an ignite sever environment.
I am installing an IGNITE SERVER; I have already installed the server and setup clients. Everything went fine.
I had to use REMSH in order to let the sever see the clients
I also had to edit the R.HOSTS file in each server (ignite sever and clients) to this end I used the root account I each server.
Having done this anyone who accesses the ignite server has a direct root access to each of the servers doing a simple TELNET
How can I make mi ignite server more secure I know that patching the server and having a good password for root is a great start but what else can I do?
I created an account of a lesser level than root in each server, the username I created is ignite, but when I tried to run ignite it displays a message that тАЬYOU NEED SUPERUSER RIGHTS TO USE THIS APPLICATIONтАЭ, which leaves me back at the begging.
Solved! Go to Solution.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-12-2006 03:50 AM
тАО06-12-2006 03:50 AM
SolutionIf I remember correctly, you no longer need the .rhosts after Ignite is installed.
Ignite uses NFS to perform the backups once it is configured, and as long as /etc/exports is configured correctly the backup will work fine.
I have my systems run a weekly ignite backup via root's cron to the ignite server with the following command:
/opt/ignite/bin/make_net_recovery -s pegasus -n 2 -x inc_entire=vg00 > /tmp/ignite.results 2>&1
where pegasus is the ignite server. I do not have any .rhosts files on the systems.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-12-2006 04:45 AM
тАО06-12-2006 04:45 AM
Re: Ignite server
One of the enhancements I've been asking for over the years is for Ignite to use openssh instead of the R-protocols.
Seems there has been some improvement but not total. An Ignite server brings many benefits, which you are aware of if you are configured. The cost is it can not be as secure as you wish.
I used to comment out the r-protocols in inetd.conf because they are only needed during Ignite operations. I'd reactivate them only when booting clients and it was needed. To do a make_net_recovery to nfs, there is no need for connectivity with the r-protocols. I think thats the essence of the first post.
SEP
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-12-2006 09:22 AM
тАО06-12-2006 09:22 AM
Re: Ignite server
thank you
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-12-2006 09:53 AM
тАО06-12-2006 09:53 AM
Re: Ignite server
https://h20293.www2.hp.com/portal/swdepot/try.do?productNumber=HPUXIEXP1111
You can select one or more of the products to download for free. sudo should always be configured with specific commands for a given user (not ALL..)
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-30-2006 05:30 AM
тАО06-30-2006 05:30 AM
Re: Ignite server
You were right guys editing .rhosts is not necesary
But now im getting the following error when runnins make_net_recovery
gzip: stdout: File too large
ERROR: The gzip command failed (exit status 1).
ERROR: The make_sys_image command failed. The system recovery archive will
not be created
any ideas ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-30-2006 06:52 AM
тАО06-30-2006 06:52 AM
Re: Ignite server
Bill Hassell, sysadmin
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-30-2006 07:15 AM
тАО06-30-2006 07:15 AM
Re: Ignite server
Hello.
I dont think its a file.. this error is happening with several servers, and the few servers that do work their image size is below 2GB.
Im only backuping up VG00 and exluding some filesystems that do not belong to the O.S.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-30-2006 07:24 AM
тАО06-30-2006 07:24 AM
Re: Ignite server
What ignite version?
Hope this helps!
Regards
Torsten.
__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!
If you feel this was helpful please click the KUDOS! thumb below!
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
тАО06-30-2006 07:31 AM
тАО06-30-2006 07:31 AM
Re: Ignite server
A lot of our archives are 2 gigs+
So on your ignite server you just have to
fsadm -o largefiles /mntpoint where your archives are. By default it should be /var. But I sym link to a different filesystem in case it fills up from my images. Or if I need to grow the filesystem its just easier if the filesystem isn't a vg00 one.
Once you've added the largefiles, exportfs them again and it should work.