HPE Community
Operating System - HP-UX
1822543 Members
2855 Online
109642 Solutions
New Discussion юеВ

SRP - SSH - direct login to their compartments

 
viveksnv
Occasional Advisor

тАО07-29-2010 02:44 AM

тАО07-29-2010 02:44 AM

SRP - SSH - direct login to their compartments

Hi all,

I have a setup the SRP with ssh template. Compartment login is also enabled.

Now user's are able do SSH login as normal user but with read only permission.

Is there anyway to setup user's directly login to their compartment directory ?.

-----

# ssh -l user1

# getprocxsec
effective= BASIC
permitted= BASIC
retained= BASIC
cmpt=
euid= zero

----
Share your views
Never say, "oops." Always say, "Ah, interesting."
0 Kudos
Reply
2 REPLIES 2
rariasn
Honored Contributor

тАО07-29-2010 03:10 AM

тАО07-29-2010 03:10 AM

Re: SRP - SSH - direct login to their compartments

Hi,

http://bizsupport1.austin.hp.com/bc/docs/support/SupportManual/c02075054/c02075054.pdf

5.1 Establising a User Session in the SRP
HP recommends the following two methods to establish a user session from an SRP:
├в ┬в srp_su: Use this command from the INIT compartment to establish a user session within the specified SRP compartment. Note that by default, this command is restricted to the root user. See 3 Executing the su Command in the Target SRP for instructions on how to use the srp_su command.
├в ┬в Secure Shell (SSH): If you have applied the SSH template to the SRP, you can now connect across the network to the SRP via Secure Shell. Note that since all SRP├в s share a common host name, you should specify the SRP├в s specific IP address to ensure that you connect to the desired SRP. See 11 Using the sshd Template for instructions on how to apply the Secure Shell template

rgs,
0 Kudos
Reply
viveksnv
Occasional Advisor

тАО07-29-2010 03:44 AM

тАО07-29-2010 03:44 AM

Re: SRP - SSH - direct login to their compartments

Hi rariasn,

Thanks for your reply.

---
'srp_su' - Execute the su command in the specified HP-UX Secure Resource Partition.
---

my problem/requirement is simple. for example


SRP name - test_srp
SRP ip - 172.16.1.10
SRP directory - /var/hpsrp/test_srp


If user viveksnv, connect SRP via SSH, he should be loggin to his compartment area - /var/hpsrp/test_srp. not in " / "

# ssh -l viveksnv 172.16.1.10

logged in...

$ pwd
/ - It should be "/var/hpsrp/test_srp)

$ rm vik.txt
vik.txt: 644 mode ? (y/n) y
rm: vik.txt not removed. Permission denied - ( Read-Only permission

$ getprocxsec
effective= BASIC
permitted= BASIC
retained= BASIC
cmpt= test_srp
euid= non-zero

Thanks again for your reply.
Never say, "oops." Always say, "Ah, interesting."
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.