Use the ssh Command to Log In to a Headless System in Trusted Extensions (Solaris Trusted Extensions Installation and Configuration)

Solaris Trusted Extensions Installation and Configuration

Use the `ssh` Command to Log In to a Headless System in Trusted Extensions

This procedure enables you to use the command line to administer a headless system as superuser. To use Trusted Extensions GUIs, complete the steps for remote display in Use the rlogin Command to Log In to a Headless System in Trusted Extensions.

Before You Begin

The headless system must have enough memory to use the Solaris Management Console. The requirements are the same as for the Solaris OS. For details, see System Requirements and Recommendations in Solaris Express Installation Guide: Basic Installations.

If the administrator's desktop system is configured with Trusted Extensions, the headless system is identified as a CIPSO system on the desktop system. For details, see How to Assign a Security Template to a Host or a Group of Hosts in Solaris Trusted Extensions Administrator’s Procedures.

You have completed Enable Remote Login in Trusted Extensions.

You are a user who is enabled to log in to the headless system.

On the Trusted Extensions desktop system, open a Trusted Path workspace.
- If your user account has direct access to the global zone, create a Trusted Path workspace, then open a terminal window.
- If your user account does not have direct access to the global zone, assume a role, then open a terminal window.

From this terminal window, remotely log in to the headless system.
desktop $ ssh -l username-on-headless headless Password: Type the headless user's password headless $
The terminal window now displays actions on the headless system.

Become superuser.

If you are not in the global zone on the headless system, switch user to root in the same terminal window:
headless $ su - root Password: Type the root password
You can now administer the headless system by using the command line.

To administer the system by using the administrative GUIs, enable the headless system to display its processes on the desktop. For details, see Use the rlogin Command to Log In to a Headless System in Trusted Extensions.

Example 6–1 Setting Up Remote Administration of a Headless System

In this example, the administrator sets up a labeled headless system from a labeled desktop system. As in the Solaris OS, the administrator enables X server access to the desktop system and sets the DISPLAY variable on the headless system.

TXdesk1 $ xhost + TXnohead4
TXdesk1 $ whoami
config1
TXdesk1 $ uname -n ; echo $DISPLAY
TXdesk1
:1.0

TXdesk1 $ ssh -l install1 TXnohead4
Password: Ins1PwD1
TXnohead4 $

In the global zone, the administrator sets the DISPLAY variable.

TXnohead4 # su -
Password: abcd1EFG
TXnohead4 # setenv DISPLAY TXdesk1:1.0
TXnohead4 # export DISPLAY=TXdesk1:1.0

Then, the administrator starts the Solaris Management Console.

TXnohead4 # /usr/sbin/smc &

Finally, the administrator selects the This Computer (TXnohead:Scope=Files, Policy=TSOL) toolbox.