NAME
mxagentconfig - configures the agent to work with a CMS
SYNOPSIS
mxagentconfig -a [ -n <hostname> ] [ -u <login> ] [ -o <host|user> ]
[ -p <password> ]
mxagentconfig -a [ -n <hostname> ] [ -u <login> ] [ -o <host|user> ]
[ -f <filespec> ]
mxagentconfig -a [ -n <hostname> ] [ -u <login> ] [ -o <host|user> ]
[ -s <password> ]
mxagentconfig -a [ -n <hostname> ] [ -u <login> ] [ -o <host|user> ]
mxagentconfig -c [ -n <hostname> ] [ -u <login> ]
mxagentconfig -r [ -n <cms_hostname> ]
DESCRIPTION
The mxagentconfig Configures SSH on a managed node by pushing the CMS
public key to a users ssh key directory and then appending that key to
the authenticated keys file. The user must be a valid ssh user on the
managed node prior to run this command. Each "run-as user" will need
to have the CMS public key added to their authenticated keys file in
order to use the Distributed Task Facility (DTF) to executed tasks on
the specified managed node (including the CMS itself). Please note
that tool definitions which do not specify a run-as user will run as
the calling user.
The *password that is required for this command is the login password
of the specified user on the managed node.
The CLI command can accept multiple hostnames. The user account and
password must be the same for all hostnames given with a single
command. Otherwise they have to be specified in the file passed to
the command with -f option.
OPTIONS
mxagentconfig recognizes the following options:
-a Directs mxagentconfig to push the CMS public key to a given
user on one or more nodes to manage.
-r Directs mxagentconfig to remove the managed nodes's host key
from CMS's known_hosts file.
-c Directs mxagentconfig to check whether the managed nodes was
configured for CMS access.
-n <hostname>
Specifies the hostname of a node to manage. If this option
is not specified, the CMS is used as the default value.
-o <user|host>
Specifies whether to config the managed node with SSH
hostbased authentication or user key based authentication.
If this option is not specified, the target nodes will be
configured using hostbased authention.
-u <login>
The user name to enable SSH execution.
-p <password>
The *password of the given user on the managed node. When
typing a password on the command line, if the password
contains special characters that the shell might interpret
(e.g. $ or &) be sure to quote the string with single quotes
(').
-f <filespec>
Specify an input file. This input file can contain a
password or can contain a managed node list to config. If
the file contains a nodelist, the first line of the file
must be "MXAGENTCONFIG_NODELIST_FILE". Each node record
occupy a line and is in the format of
nodename,username,password. Except nodename field, other two
fields can be empty. The empty field will be substituted
with the corresponding field specified at the commandline
when execution. For example, line "target1,," will direct
mxagentconfig config node target1 using the username and
password specified in -u and -p options.
-s <password>
Specify an encoded password used by CMS internal tools.
RETURN VALUE
Upon completion, mxagentconfig returns one of the following error
codes:
0 The agent was correctly configured and no errors occurred.
>0 An error occured during operation.
AUTHOR
mxagentconfig was developed by the Hewlett-Packard Company.
FILES
Server: /etc/opt/mx/config/sshtools/.dtfSshKey.pub
/etc/opt/mx/config/sshtools/known_hosts
Managed Node: ~/.ssh/.<cms_name>.dtfSshKey.pub ~/.ssh/authorized_keys2
~/.ssh/authorized_keys2.bak
SEE ALSO for HP-UX
mxexec(1M).
SEE ALSO for Linux
mxexec(8).
* Note: Care must be taken when specifying passwords on the command-
line. This makes them available in the command history, in the process
list while executing, and in the audit log if executed as part of a
task. Be sure to clear your command history, or use alternate methods
for specifying passwords, e.g. prompt, input file.