HPE Community
Operating System - HP-UX
1822552 Members
3008 Online
109642 Solutions
New Discussion

Re: SRP - SSH - direct login to their compartments

 
viveksnv
Occasional Advisor

‎07-29-2010 02:44 AM

‎07-29-2010 02:44 AM

SRP - SSH - direct login to their compartments

Hi all,

I have a setup the SRP with ssh template. Compartment login is also enabled.

Now user's are able do SSH login as normal user but with read only permission.

Is there anyway to setup user's directly login to their compartment directory ?.

-----

# ssh -l user1

# getprocxsec
effective= BASIC
permitted= BASIC
retained= BASIC
cmpt=
euid= zero

----
Share your views
Never say, "oops." Always say, "Ah, interesting."
0 Kudos
Reply
2 REPLIES 2
rariasn
Honored Contributor

‎07-29-2010 03:10 AM

‎07-29-2010 03:10 AM

Re: SRP - SSH - direct login to their compartments

Hi,

http://bizsupport1.austin.hp.com/bc/docs/support/SupportManual/c02075054/c02075054.pdf

5.1 Establising a User Session in the SRP
HP recommends the following two methods to establish a user session from an SRP:
â ¢ srp_su: Use this command from the INIT compartment to establish a user session within the specified SRP compartment. Note that by default, this command is restricted to the root user. See 3 Executing the su Command in the Target SRP for instructions on how to use the srp_su command.
â ¢ Secure Shell (SSH): If you have applied the SSH template to the SRP, you can now connect across the network to the SRP via Secure Shell. Note that since all SRPâ s share a common host name, you should specify the SRPâ s specific IP address to ensure that you connect to the desired SRP. See 11 Using the sshd Template for instructions on how to apply the Secure Shell template

rgs,
0 Kudos
Reply
viveksnv
Occasional Advisor

‎07-29-2010 03:44 AM

‎07-29-2010 03:44 AM

Re: SRP - SSH - direct login to their compartments

Hi rariasn,

Thanks for your reply.

---
'srp_su' - Execute the su command in the specified HP-UX Secure Resource Partition.
---

my problem/requirement is simple. for example


SRP name - test_srp
SRP ip - 172.16.1.10
SRP directory - /var/hpsrp/test_srp


If user viveksnv, connect SRP via SSH, he should be loggin to his compartment area - /var/hpsrp/test_srp. not in " / "

# ssh -l viveksnv 172.16.1.10

logged in...

$ pwd
/ - It should be "/var/hpsrp/test_srp)

$ rm vik.txt
vik.txt: 644 mode ? (y/n) y
rm: vik.txt not removed. Permission denied - ( Read-Only permission

$ getprocxsec
effective= BASIC
permitted= BASIC
retained= BASIC
cmpt= test_srp
euid= non-zero

Thanks again for your reply.
Never say, "oops." Always say, "Ah, interesting."
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.