SSP Local and Remote Access Using Trusted Solaris Software

Trusted Solaris access to the SSP console is different from Solaris access because of Trusted Solaris role constraints.

SSP Local Access

On a Solaris SSP console, the ssp user can directly log in. On a Trusted Solaris SSP console, an administrator first logs in as a user who can assume the ssp role, then assumes the role.

On a Solaris SSP console, the superuser can directly log in, or can use the su(1M) command to become superuser. On a Trusted Solaris SSP console, an administrator who can assume the root role first logs in as a user, then assumes the role.

SSP Remote Access

To access the ssp user remotely on a Solaris SSP, a user can rlogin(1) or telnet(1) to the SSP and then log in as the ssp user. A user can also CDE rlogin to the SSP, then CDE log in as the ssp user.

To access the ssp role remotely on a Trusted Solaris SSP:

• From another Trusted Solaris workstation, assume the ssp role. In the ssp role, rlogin(1) to the SSP. This method works only from another Trusted Solaris SSP because only a Trusted Solaris SSP has the ssp role.

• From another Trusted Solaris workstation, perform a CDE remote login to the SSP. The SSP becomes the remote host on your local Trusted Solaris workstation. Then perform a CDE login to the SSP as a user who can assume the ssp role, and assume the ssp role. This method does not require the local Trusted Solaris workstation to have the ssp role. You can use this method to access remotely the Trusted Solaris SSP from any local Trusted Solaris workstation.

These methods also work for accessing the root role on the Trusted Solaris SSP. See "Remote Administration Options" in Trusted Solaris Administrator's Procedures for a full discussion of remote administration.