1830944 Members
1952 Online
110017 Solutions
New Discussion

GSP logs access from OS

 
V Panchapakesan
Advisor

GSP logs access from OS

Can the GSP Service Logs, accessed (collected) from OS? If yes, kindly guide.
I WANT TO BELIEVE
1 REPLY 1
Vincenzo Restuccia
Honored Contributor

Re: GSP logs access from OS

Accessing Guardian Service Processor Internal Port
The Guardian Service Processor (GSP) internal port can be used as a "back door" to reset
security options in case the GSP administrator password is forgotten, for example. It can
also be used in order to upgrade the GSP firmware from an HP-UX session. The internal
port needs to be configured in order to use it.
1. On the system, the GSP internal port should be /dev/tty1p0.
2. SAM does not configure the GSP internal port.
3. If the device file is not present, it can be created as follows:
#cd/dev
#mknod tty1p0 c 1 0x010000
4. Since this allows unrestricted access to the GSP and bypasses GSP security features (no
user or password required). Make sure to delete this device file when you have finished
using it.
5. The internal port can be accessed via terminal emulators such as cu. To use cu, you
need the follow entries (the entries must be exactly as shown):
/usr/lib/uucp/Systems needs the following entry:
gspiport Any;5 gspiport,f900 - ''''\r\d\r\d\r ogin:-BREAK-ogin:
uucp asswrd: uucp-BREAK-ogin: uucp asswrd: uucp
The spelling looks unusual, but it needs to be exactly as shown.
/usr/lib/uucp/Devices needs the following entry:
gspiport tty1p0 - 9600 direct
6. when all of the configuration is done, you should be able to access the GSP internal port
with the cu command:
cu-1/dev/tty1p0
7. To terminate the cu session, use "~." [return]
8. Kermit can also be used to access the special device file. See the kermit web pages for
details.
CAUTION Securing the /dev/tty1p0 device file with root capabilities will not prevent
non-root users from accessing the GSP internal port. This is due to the fact
that cu and kermit carry root access and run with the sticky bit enabled.
To secure the internal port from unauthorized use, be sure to remove the
/dev/tty1p0 file after using it.