Sun Cluster 3.0 System Administration Guide

6.1.3 How to Work With New Cluster Node Authentication

Sun Cluster enables you to determine if new nodes can add themselves to the cluster and with what type of authentication. You can permit any new node to join the cluster over the public network, deny new nodes from joining the cluster, or indicate a specific node that can join the cluster. New nodes can be authenticated by using either standard UNIX or Diffie-Hellman (DES) authentication. If you select DES authentication, you must also configure all necessary encryption keys before a node can join. See the keyserv(1M) and publickey(4) man pages for more information.

  1. Become superuser on a node in the cluster.

  2. Enter the scsetup(1M) utility.

    # scsetup

    The Main Menu appears.

  3. To work with cluster authentication, enter 5 (New nodes).

    The New Nodes menu appears.

  4. Make your selection from the menu and follow the onscreen instructions. Examples--Preventing New Machines From Being Added to the Cluster

The following example shows the scconf(1M) command generated from the scsetup utility that would prevent new machines from being added to the cluster.

# scconf -a -T node=. Examples--Permitting All New Machines to Be Added to the Cluster

The following example shows the scconf command generated from the scsetup utility that would enable all new machines to be added to the cluster.

# scconf -r -T all Examples--Specifying a New Machine to Be Added to the Cluster

The following example shows the scconf command generated from the scsetup utility to enable a single new machine to be added to the cluster.

# scconf -a -T node=phys-schost-4 Examples--Setting the Authentication to Standard UNIX

The following example shows the scconf command generated from the scsetup utility to reset to standard UNIX authentication for new nodes joining the cluster.

# scconf -c -T authtype=unix Examples--Setting the Authentication to DES

The following example shows the scconf command generated from the scsetup utility to use DES authentication for new nodes joining the cluster.

# scconf -c -T authtype=des

Note -

When using DES authentication, you need to also configure all necessary encryption keys before a node can join the cluster. See the keyserv(1M) and publickey(4) man pages for more information.