Veritas Access Installation Guide
- Introducing Veritas Access
- Licensing in Veritas Access
- System requirements- Important release information
- System requirements- Linux requirements- Operating system RPM installation requirements and operating system patching
- Kernel RPMs that are required to be installed with exact predefined RPM versions
- OL kernel RPMs that are required to be installed with exact predefined RPM versions
- Required operating system RPMs for OL 7.4
- Required operating system RPMs for RHEL 7.3
- Required operating system RPMs for RHEL 7.4
 
- Software requirements for installing Veritas Access in a VMware ESXi environment
- Hardware requirements for installing Veritas Access virtual machines
- Management Server Web browser support
- Supported NetBackup versions
- Supported OpenStack versions
- Supported Oracle versions and host operating systems
- Supported IP version 6 Internet standard protocol
 
- Linux requirements
- Network and firewall requirements
- Maximum configuration limits
 
- Preparing to install Veritas Access
- Deploying virtual machines in VMware ESXi for Veritas Access installation
- Installing and configuring a cluster- Installation overview
- Summary of the installation steps
- Before you install
- Installing the operating system on each node of the cluster
- Installing Veritas Access on the target cluster nodes
- About managing the NICs, bonds, and VLAN devices
- About VLAN tagging
- Replacing an Ethernet interface card
- Configuring I/O fencing
- About configuring Veritas NetBackup
- About enabling kdump during an Veritas Access configuration
- Reconfiguring the Veritas Access cluster name and network
- Configuring a KMS server on the Veritas Access cluster
 
- Automating Veritas Access installation and configuration using response files
- Displaying and adding nodes to a cluster
- Upgrading Veritas Access and operating system
- Upgrading Veritas Access using a rolling upgrade
- Uninstalling Veritas Access
- Appendix A. Installation reference
- Appendix B. Configuring the secure shell for communications
- Appendix C. Manual deployment of Veritas Access
Setting up the SSH and the RSH connections
You can use the pwdutil.pl utility to set up the SSH and the RSH connections automatically. This utility can be located at /opt/VRTS/repository/ga/images/SSNAS/7.4.0.0/scripts/pwdutil.pl.
# ./pwdutil.pl -h
Usage:
Command syntax with simple format:
    pwdutil.pl check|configure|unconfigure ssh|rsh <hostname|IP addr> 
				[<user>] [<password>] [<port>]
Command syntax with advanced format:
    pwdutil.pl [--action|-a 'check|configure|unconfigure']
               [--type|-t 'ssh|rsh']
               [--user|-u  '<user>']
               [--password|-p '<password>']
               [--port|-P '<port>']
               [--hostfile|-f '<hostfile>']
               [--keyfile|-k '<keyfile>']
               [-debug|-d]
               <host_URI>
    pwdutil.pl -h | -?Table: Options with pwdutil.pl utility
| Option | Usage | 
|---|---|
| --action|-a 'check|configure|unconfigure' | Specifies the action type. The default value is 'check'. | 
| --type|-t 'ssh|rsh' | Specifies the connection type. The default value is 'SSH'. | 
| --user|-u '<user>' | Specifies the user ID. The default value is the local user ID. | 
| --password|-p '<password>' | Specifies the user password. The default value is the user ID. | 
| --port|-P '<port>' | Specifies the port number for the SSH connection. The default value is 22. | 
| --keyfile|-k '<keyfile>' | Specifies the private key file. | 
| --hostfile|-f '<hostfile>' | Specifies the file which lists the hosts. | 
| -debug | Prints the debug information. | 
| -h|-? | Prints the help messages. | 
| <host_URI> | Can be in the following formats: hostname user:password@hostname user:password@hostname: port | 
You can check, configure, and unconfigure SSH or RSH using the pwdutil.pl utility. For example:
- To check SSH connection for only one host: - pwdutil.pl check ssh hostname 
- To configure SSH for only one host: - pwdutil.pl configure ssh hostname user password 
- To unconfigure RSH for only one host: - pwdutil.pl unconfigure rsh hostname 
- To configure SSH for multiple hosts with the same user ID and password: - pwdutil.pl -a configure -t ssh -u user -p password hostname1 hostname2 hostname3 
- To configure SSH or RSH for different hosts with a different user ID and password: - pwdutil.pl -a configure -t ssh user1:password1@hostname1 user2:password2@hostname2 
- To check or configure SSH or RSH for multiple hosts with one configuration file: - pwdutil.pl -a configure -t ssh --hostfile /tmp/sshrsh_hostfile 
- To keep the host configuration file safe, you can use the 3rd-party utility to encrypt and decrypt the host file with password. - For example: - ### run openssl to encrypt the host file in base64 format # openssl aes-256-cbc -a -salt -in /hostfile -out /hostfile.enc enter aes-256-cbc encryption password: <password> Verifying - enter aes-256-cbc encryption password: <password> ### remove the original plain text file # rm /hostfile ### run openssl to decrypt the encrypted host file # pwdutil.pl -a configure -t ssh 'openssl aes-256-cbc -d -a -in /hostfile.enc' enter aes-256-cbc decryption password: <password> 
- To use the ssh authentication keys that are not under the default $ - HOME/.sshdirectory, you can use --keyfile option to specify the ssh keys. For example:- ### create a directory to host the key pairs: # mkdir /keystore ### generate private and public key pair under the directory: # ssh-keygen -t rsa -f /keystore/id_rsa ### setup ssh connection with the new generated key pair under the directory: # pwdutil.pl -a configure -t ssh --keyfile /keystore/id_rsa user:password@hostname 
You can see the contents of the configuration file by using the following command:
# cat /tmp/sshrsh_hostfile user1:password1@hostname1 user2:password2@hostname2 user3:password3@hostname3 user4:password4@hostname4 # all default: check ssh connection with local user hostname5 The following exit values are returned: 0 Successful completion. 1 Command syntax error. 2 Ssh or rsh binaries do not exist. 3 Ssh or rsh service is down on the remote machine. 4 Ssh or rsh command execution is denied due to password is required. 5 Invalid password is provided. 255 Other unknown error.