Before You Begin
You must have the rights to create a user, assign a password, and assign the Compliance Assessor rights profile. The root role has all of these rights. For more information, see Using Your Assigned Administrative Rights in Securing Users and Processes in Oracle Solaris 11.4.
For example, create the cpltester user on the local host.
Local # useradd -c "Assessment Admin" -u 1111 -m -s /usr/bin/pfbash \ -K profiles="Compliance Assessor" -S files cpltester Local # passwd cpltester New Password: Re-enter new Password: passwd: password successfully changed for cpltester
Repeat the useradd and passwd commands exactly on the remote systems. For more information about user account options, see the useradd(8) man page.
For example, in the /etc/hosts file on 192.0.2.111 add entries for 192.0.2.122 and all other hosts.
## /etc/hosts on 192.0.2.111 x86 ::1 myx86 localhost 127.0.0.1 myx86 localhost loghost 192.0.2.122 mysparc 192.0.2.113 host3 192.0.2.114 host4 ...
In the file on 192.0.2.122, add entries for 192.0.2.111 and all other hosts.
## /etc/hosts on 192.0.2.122 sparc ::1 mysparc localhost 127.0.0.1 mysparc localhost loghost 192.0.2.111 myx86 ...
These instructions are similar to the instructions for remotely administering ZFS in How to Remotely Administer ZFS With Secure Shell in Managing Secure Shell Access in Oracle Solaris 11.4.
cpltester $ ssh-keygen -t rsa -P "" Generating public/private rsa key pair. Your identification has been saved in $HOME/.ssh/id_rsa Your public key has been saved in $HOME/.ssh/id_rsa.pub The key fingerprint is: SHA256:BLNj0v9...izsQ cpltester@Local The key's randomart image is: +---[RSA 2048]----+ | o .=B| ...
The remote system's file name for the originating system's .ssh/id_rsa.pub file is .ssh/authorized_keys.
Hostn $ cd; mkdir -m 700 .ssh
Type your password when prompted. You can use the cat >> or the scp command.
The following command uses the cat >> command:
Local $ cd; cat .ssh/id_rsa.pub | ssh Remote-IP-address \ 'cat >> /export/home/cpltester/.ssh/authorized_keys && echo "Key copied"'
The following command uses the scp command:
Local $ cd; scp /export/home/cpltester/.ssh/id_rsa.pub \ cpltester@Remote-IP-address:/export/home/cpltester/.ssh/authorized_keys
As the user, ssh to each remote system. You should not be prompted for a password.
As the user, ssh to each remote system using the IP address, the hostname, and the FQDN. All ssh connections should authenticate without a password.