Jump to content United States-English
HP.com Home Products and Services Support and Drivers Solutions How to Buy
» Contact HP
More options
HP.com home
 HP-UX AAA Server A.06.01 Administrator's Guide: HP-UX 11.0, 11i v1, 11i v2 > Chapter 3 Securing the HP-UX AAA Server

Changing the Default HP-UX AAA Server Settings
» 

Technical documentation

Complete book in PDF
» Feedback
Content starts here

 » Table of Contents

 » Glossary

 » Index

spacerspacerspacer
spacer
spacer
  		 
 

The following information explains how to increase the security of your HP-UX AAA Server by changing some of the default settings. HP recommends changing the default values to all customers.

Changing the Default “localhost” Proxy Settings

The HP-UX AAA Server includes a preconfigured proxy entry named localhost for use in loop-back testing. You should change the default shared secret value for the localhost proxy, or delete it if you do not plan to use loop-back testing. Use the following steps to change the shared secret for the default localhost proxy:

  1. Select Proxies in the Navigation Tree.

  2. Select localhost in the Main Screen.

  3. Change the default shared secret and confirm it by entering it again.

  4. Click the Modify Button.

Changing the Default “test_user” Settings

The HP-UX AAA Server includes a preconfigured user entry named test_user for use in loop-back testing. You should change the default password for test_user, or delete it if you do not plan to use loop-back testing. Use the following steps to change the password for the default test_user:

  1. Select Users in the Navigation Tree.

  2. Select test_user in the Main Screen.

  3. Change the default password and confirm it by entering it again.

  4. Click the Modify Button.

Changing the Default Tomcat User Name and Password

All Tomcat servers come with the same default user name and password. You should change the user name and password to unique values. Use the following steps to change the Tomcat user name and password:

  1. Open /opt/hpws/tomcat/conf/tomcat-users.xml

  2. Look for entries with the roles="tomcat" string. These entries are valid Tomcat user names and passwords.

  3. Modify the file to include only the user name and password you want to use. Use the following format:

    <user username="new user name" password="new password" roles="tomcat"/>

Changing the Default RMI Objects Secret

HP recommends changing the default RMI Objects secret. Use the following steps:

  1. Open /opt/hpws/tomcat/webapps/aaa/WEB-INF/gui.properties

  2. Look for the following entry:

    rmi.config.secret = "secret"

  3. Change the "secret" portion to a new value

  4. Open /opt/aaa/remotecontrol/rmiserver.properties

  5. Look for the following entry:

    rmi.config.secret = "secret"

  6. Change the "secret" portion to the same value configured in Step 3.

IMPORTANT: The rmi.config.secret in /opt/aaa/remotecontrol/rmiserver.properties and in /opt/hpws/tomcat/webapps/aaa/WEB-INF/gui.properties be identical.


Chapter 3 Securing the HP-UX AAA Server
  		 


Environment Specific Security Procedures  
Printable version
Privacy statement Using this site means you accept its terms Feedback to webmaster
© 2001-2004 Hewlett-Packard Development Company, L.P.