HPE Community
HPE 9000 and HPE e3000 Servers
1753355 Members
5306 Online
108792 Solutions
New Discussion юеВ

Re: rp7400 Nclass GSP admin access

 
Geoff Gowers_1
Frequent Advisor

тАО11-11-2005 01:14 AM

тАО11-11-2005 01:14 AM

rp7400 Nclass GSP admin access


Hi, I have been looking at GSP on an N class server. The requirement is to setup and enable remote GSP access. However, the only login available to us is the default 'enter''enter' login from local terminal.

LS shows setup as local loopback address 127.0.0.0
LC command returns 'Administrator use only' whilst RP returns 'command only valid from local host'

I note that gsp fw is only at A.01.06
On hard reset of core iocard - even with 10sec hold down of reset button - gsp resets ok, but does not allow Admin/Admin sign in, or Oper/Oper , and enter/enter remains not an administrator session.

My thoughs are that to upgrade gsp fw would be a good idea,and then if admin use not resolved then use interactive command on Gsp reset to reset pwds.

However , can't do that immediately , so request any other ideas , or confirmation that this is/is not the right path to resolve Admin access.

Thanks. Geoff
0 Kudos
9 REPLIES 9
Geoff Gowers_1
Frequent Advisor

тАО11-13-2005 05:51 AM

тАО11-13-2005 05:51 AM

Re: rp7400 Nclass GSP admin access

It also occurs to me that without lan access to the GSP, I will have a problem updating GSP firmware, or at least that's how I have previously update GSP firmware.!
0 Kudos
Sameer_Nirmal
Honored Contributor

тАО11-13-2005 03:20 PM

тАО11-13-2005 03:20 PM

Re: rp7400 Nclass GSP admin access

Hi ,

I am wondering as you saying the GSP reset was OK.Did you see a message to confirm if you want to clear password after you press the GSP Reset Button?

I guess the passwords reset funcationality was made available with Version A.1.09 onwards.

In case of Version A.1.06 , there is a way to bypass the authorization and access GSP using GSP Internal Port . This port could be accessed from HP-UX OE.
Refer following procedure.

Accessing GSP Internal Port
The GSP Internal Port can be used as a back door to reset security options in case the
administrator password is forgotten, for example. It needs to be configured in order to
use it.
(1) On the N4000, the GSP Internal Port should be /dev/tty1p0.
(2) SAM does not configure this port.
(3) If the device file is not present, it can be created via:
#mknod tty1p0 c 1 0x010000
(4) Since this allows unrestricted access to the GSP and bypasses GSP security features
(no user or password required), MAKE SURE TO SECURE THIS DEVICE FILE
TO ALLOW ONLY ROOT ACCESS.
(5) The internal port can be accessed via terminal emulators such as cu.. To use cu, you
need the following entries: (The entries must be exactly as shown).
/usr/lib/uucp/Systems needs this entry:
gspiport Any;5 gspiport,f 9600 - "" \r\d\r\d\r ogin:-BREAKogin:
uucp asswrd: uucp-BREAK-ogin: uucp asswrd: uucp
(The spelling looks unusual above, bot it needs to be
exactly as shown).
/usr/lib/uucp/Devices needs this entry:
gspiport tty1p0 - 9600 direct
(6) When all of this is done, you should be able to access the GSP Internal port via the
command: cu -l /dev/tty1p0.
(7) To terminate a cu session, use ~. (return) to terminate.

Once you have un-restricted access to the GSP, you know better your way to make things work for you.

The latest version of GSP A is A.1.12 . So you need to get it upgraded as well.
0 Kudos
Torsten.
Acclaimed Contributor

тАО11-14-2005 03:17 AM

тАО11-14-2005 03:17 AM

Re: rp7400 Nclass GSP admin access

As mentioned, you should update the GSP firmware to A.1.12. I guess your PDC is also out of date - in this update it. current version is 43.43, patch name PHSS_31214 (11.00) or PHSS_30724 (11.11).
Once this is done, connect a serial terminal to the console port and use "LC" for LAN configuration and "SO" to setup some users.

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
0 Kudos
Geoff Gowers_1
Frequent Advisor

тАО11-14-2005 04:13 AM

тАО11-14-2005 04:13 AM

Re: rp7400 Nclass GSP admin access

Thanks Torsten and Sameer.
Hoever still remains a question that if I cannot setup lan, or execute XD/XU commands by not being seen as a local Administrator, then how is firmware update applied !
0 Kudos
Torsten.
Acclaimed Contributor

тАО11-14-2005 04:37 AM

тАО11-14-2005 04:37 AM

Re: rp7400 Nclass GSP admin access

Did you try to access the GSP via the internal port? This should work.

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.
__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
0 Kudos
Andrew Rutter
Honored Contributor

тАО11-14-2005 07:18 AM

тАО11-14-2005 07:18 AM

Re: rp7400 Nclass GSP admin access

geoff,

The gsp on the N4000 does not have the Admin/oper logins
This was only available in the newer Management platform boards

If you login as just enter/enter then you are in as an administrator so can configure as you like.

go into LC command and configure lan and then you will beable to login remotely. It is advisable to change the login password though first.

you can then update the GSP firmware.

Andy
0 Kudos
Geoff Gowers_1
Frequent Advisor

тАО11-14-2005 09:04 PM

тАО11-14-2005 09:04 PM

Re: rp7400 Nclass GSP admin access

Hi, Thanks, still not yet been able to try via the internal port.

Andrew - thats the point of the question ! We can reset passwords, and login enter enter, but dont have admin authority to do LC on the local console port !
0 Kudos
Geoff Gowers_1
Frequent Advisor

тАО12-11-2005 11:02 PM

тАО12-11-2005 11:02 PM

Re: rp7400 Nclass GSP admin access

OK, I have had a chance to revisit this - tried again to enable /reset lan, and connect via loopback address (!!) . No retried options worked.

Setup uucp directories as advice above. Was not clear if uucp Systems entry was one line or two - but tried both alternatives.

The internal port did not open:
connect failed: line problem

Run out of time now - will close this thread, and expect that impending firmware update from tape will resolve problem . If not will revisit !
0 Kudos
Geoff Gowers_1
Frequent Advisor

тАО01-16-2006 02:26 AM

тАО01-16-2006 02:26 AM

Re: rp7400 Nclass GSP admin access

In the end, I could not get the internal port uucp setup to work.

We got a slot on the server and swapped out the core io card with a test server.
Once I removed the nvram battery for a while (15 min) and replaced, the card properly reset itself and I was then able to enable and setup lan, and upgrade to current level.

Thanks again for your inputs
0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.