Sun N1 System Manager 1.1 Administration Guide

Security

This section provides security-based troubleshooting information.

The Sun N1 System Manager Server uses strong encryption techniques to ensure secure communication between the management server and each managed server.

The keys used by the Sun N1 System Manager are stored under the /etc/opt/sun/cacao/security directory on each server where the servers are running Linux. These keys should be identical across all servers. For servers running the Solaris OS, these keys are stored under the /etc/opt/SUNWcacao/security directory.

Under normal operation, these keys can be left in their default configuration. You might have to regenerate security keys. For example, if there is a risk that the root password of the management server has been exposed or compromised, regenerate the security keys.

ProcedureHow to Regenerate Common Agent Container Security Keys

Steps
  1. On the management server as root, stop the common agent container management daemon.

    If the management server is running Linux:


    # /opt/sun/cacao/bin/cacaoadm stop
    

    If the management server is running the Solaris OS:


    # /opt/SUNWcacao/bin/cacaoadm stop
    
  2. Regenerate security keys using the create-keys subcommand.

    If the management server is running Linux:


    # /opt/sun/cacao/bin/cacaoadm create-keys --force
    

    If the management server is running the Solaris OS:


    # /opt/SUNWcacao/bin/cacaoadm create-keys --force
    
  3. As root on the management server, restart the common agent container management daemon.

    If the management server is running Linux:


    # /opt/sun/cacao/bin/cacaoadm start
    

    If the management server is running the Solaris OS:


    # /opt/SUNWcacao/bin/cacaoadm start
    

General Security Considerations

The following list provides general security considerations that you should be aware of when you are using the N1 System Manager: