NAME

      mxagentconfig - configures the agent to work with a CMS


SYNOPSIS

      mxagentconfig -a [ -n  <hostname> ] [ -u	<login> ] [ -o	<host|user> ]
      [ -p  <password> ]
      mxagentconfig -a [ -n  <hostname> ] [ -u	<login> ] [ -o	<host|user> ]
      [ -f  <filespec> ]
      mxagentconfig -a [ -n  <hostname> ] [ -u	<login> ] [ -o	<host|user> ]
      [ -s  <password> ]
      mxagentconfig -a [ -n  <hostname> ] [ -u	<login> ] [ -o	<host|user> ]
      mxagentconfig -c [ -n  <hostname> ] [ -u	<login> ]
      mxagentconfig -r [ -n  <cms_hostname> ]


DESCRIPTION

      The mxagentconfig Configures SSH on a managed node by pushing the CMS
      public key to a users ssh key directory and then appending that key to
      the authenticated keys file.  The user must be a valid ssh user on the
      managed node prior to run this command.  Each "run-as user" will need
      to have the CMS public key added to their authenticated keys file in
      order to use the Distributed Task Facility (DTF) to executed tasks on
      the specified managed node (including the CMS itself).  Please note
      that tool definitions which do not specify a run-as user will run as
      the calling user.

      The *password that is required for this command is the login password
      of the specified user on the managed node.

      The CLI command can accept multiple hostnames.  The user account and
      password must be the same for all hostnames given with a single
      command.	Otherwise they have to be specified in the file passed to
      the command with -f option.

    OPTIONS
      mxagentconfig recognizes the following options:

	   -a	Directs mxagentconfig to push the CMS public key to a given
		user on one or more nodes to manage.

	   -r	Directs mxagentconfig to remove the managed nodes's host key
		from CMS's known_hosts file.

	   -c	Directs mxagentconfig to check whether the managed nodes was
		configured for CMS access.

	   -n <hostname>
		Specifies the hostname of a node to manage. If this option
		is not specified, the CMS is used as the default value.

	   -o <user|host>
		Specifies whether to config the managed node with SSH
		hostbased authentication or user key based authentication.
		If this option is not specified, the target nodes will be
		configured using hostbased authention.

	   -u <login>
		The user name to enable SSH execution.

	   -p <password>
		The *password of the given user on the managed node.  When
		typing a password on the command line, if the password
		contains special characters that the shell might interpret
		(e.g. $ or &) be sure to quote the string with single quotes
		(').

	   -f <filespec>
		Specify an input file. This input file can contain a
		password or can contain a managed node list to config. If
		the file contains a nodelist, the first line of the file
		must be "MXAGENTCONFIG_NODELIST_FILE". Each node record
		occupy a line and is in the format of
		nodename,username,password. Except nodename field, other two
		fields can be empty. The empty field will be substituted
		with the corresponding field specified at the commandline
		when execution. For example, line "target1,," will direct
		mxagentconfig config node target1 using the username and
		password specified in -u and -p options.

	   -s <password>
		Specify an encoded password used by CMS internal tools.


RETURN VALUE

      Upon completion, mxagentconfig returns one of the following error
      codes:

	     0	The agent was correctly configured and no errors occurred.
	    >0	An error occured during operation.

AUTHOR

      mxagentconfig was developed by the Hewlett-Packard Company.

FILES

      Server: /etc/opt/mx/config/sshtools/.dtfSshKey.pub
      /etc/opt/mx/config/sshtools/known_hosts
      Managed Node: ~/.ssh/.<cms_name>.dtfSshKey.pub ~/.ssh/authorized_keys2
      ~/.ssh/authorized_keys2.bak

SEE ALSO for HP-UX

      mxexec(1M).

SEE ALSO for Linux

      mxexec(8).

      * Note: Care must be taken when specifying passwords on the command-
      line. This makes them available in the command history, in the process
      list while executing, and in the audit log if executed as part of a
      task. Be sure to clear your command history, or use alternate methods
      for specifying passwords, e.g. prompt, input file.