Posts Tagged ‘Solairs’

REMOVE A FILE STARTING WITH A Dash “-“

September 26th, 2021, posted in Solaris
Share

ls |grep -i file
–file1

$ rm –file1
rm: illegal option — file1
usage: rm [-fiRr] file …

rm “–file1”
rm: illegal option — file1
usage: rm [-fiRr] file …

Solution:
$ rm ./–file1
$ ls|grep -i file

Share

ENABLE HTTPS ON ORACLE M SERIES SERVERS(XSCF)

September 4th, 2021, posted in Solaris
Share

If you have not enabled https on your M series servers, this is how you enable it.

 

Description From Oracle :
Hypertext Transfer Protocol (HTTP) over an authenticated/encrypted connection allows you to use the XSCF web browser securely. This is called the HTTPS service. Authentication is provided with a certificate authority and private keys. To use the HTTPS service, you must enable it, and provide an optional port number. The default port is 443. To enable HTTPS service, use the sethttps command”


1) Login to your xscf of the server through ssh
Assuming you have already configured network on xscf and enable ssh. If not, you can login through console/console server, configure network interface on xscf and then you can proceed with further steps.


2) Once you are in xscf, check the status of https
XSCF> showhttps
HTTPS status: disabled
 


3) Generate a self signed certificate.
XSCF> sethttps -c selfsign US California Irvine mycompany [email protected]
CA key and CA cert already exist. Do you still wish to update? [y|n] :y
Enter passphrase:
Verifying – Enter passphrase:


4) Check the HTTPS Status
XSCF> showhttps
HTTPS status: disabled
Server key: installed in Jul 16 12:46:20 MST 2013
CA key: installed in Jul 16 12:46:18 MST 2013
CA cert: installed in Jul 16 12:46:18 MST 2013
CSR:
—–BEGIN CERTIFICATE REQUEST—–
MIIB0zCCATwCAQAwgZIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MQ8wDQYDVQQHEwZDdWx2ZXIxDTALBgNVBAoTBENpdHkxDDAKBgNVBAsTA1NQRTER
MA8GA1UEAxMIRUlTLVVOSVgxLTArBgkqhkiG9w0BCQEWHmVpcy11bml4LXNlcnZp
Y2VzQHNwZS5zb255LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA54QN
BSBfflQBtIgL3LqRKTqHixMP/TTmeMANy8yz723hcLDBTT9EarKkDb2IVqHE
ENb5mp8N7hJpGDzUPhn3XdD0+XoP2iaFeqQtihMqCob/bC21Me6gQDIdZoRK4sRj
FJ0ODjdB9sDj4KFKUkE4TIh3Jimz8wHn4VXbqGECAwEAAaAAMA0GCSqGSIb3DQEB
BAUAA4GBALMsMV5NugRnZwJfGiQbB6KNILMbCHg8xrF9IarFopt7uLDOxUoKvjQb
NDoGF+/tjxrADEZqSAmWeqiVZyI/0e2lU58si4TFZwEtjv6wopJVRkyg9XLfNe7
FB5DkBOI2Rihn6+SP0C3c/OOWNKo5BKekbeXennuWMJJbHDvRW6U
—–END CERTIFICATE REQUEST—–
It will be still disabled, we haven’t enabled the https yet.


5) Now we shall enable https:
XSCF> sethttps -c enable
Continue? [y|n] :y
Please reset the XSCF by rebootxscf to apply the https settings.


6) Reset XSCF
XSCF> rebootxscf
The XSCF will be reset. Continue? [y|n] :y
execute S10ioxoffXSCF>   —  complete
Jul 16 12:48:35 myhost XSCF[104]: XSCF shutdown sequence start
execute K000end  —  complete
execute K100end  —  complete
execute K101end  —  complete
<Lines Omitted>


7) Once the XSCF is up check the https status, now it will be enabled.
XSCF> showhttps
HTTPS status: enabled
Server key: installed in Jul 16 12:52:04 MST 2013
CA key: installed in Jul 16 12:52:04 MST 2013
CA cert: installed in Jul 16 12:52:04 MST 2013
CSR:
—–BEGIN CERTIFICATE REQUEST—–
MIIB0zCCATwCAQAwgZIxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlh
MQ8wDQYDVQQHEwZDdWx2ZXIxDTALBgNVBAoTBENpdHkxDDAKBgNVBAsTA1NQRTER
MA8GA1UEAxMIRUlTLVVOSVgxLTArBgkqhkiG9w0BCQEWHmVpcy11bml4LXNlcnZp
Y2VzQHNwZS5zb255LmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA54QN
BSBfflQBtIgL3LqRKTqHixMP/TTmeMANy8yz723hcLDBTT9EarKkDb2IVqHE
ENb5mp8N7hJpGDzUPhn3XdD0+XoP2iaFeqQtihMqCob/bC21Me6gQDIdZoRK4sRj
FJ0ODjdB9sDj4KFKUkE4TIh3Jimz8wHn4VXbqGECAwEAAaAAMA0GCSqGSIb3DQEB
BAUAA4GBALMsMV5NugRnZwJfGiQbB6KNILMbCHg8xrF9IarFopt7uLDOxUoKvjQb
NDoGF+/tjxrADEZqSAmWeqiVZyI/0e2lU58si4TFZwEtjv6wopJVRkyg9XLfNe7
FB5DkBOI2Rihn6+SP0C3c/OOWNKo5BKekbeXennuWMJJbHDvRW6U
—–END CERTIFICATE REQUEST—–


8) Login to XSCF from your web browser and confirm everything is operational.
https://<your_xscf_hostname_or_ip>


REFERENCES :
Share

Capture Snapshot From ILOM

July 25th, 2021, posted in Solaris
Share
1)
-> cd /SP/diag/snapshot
 
2) specify the host and directory where the snapshot will be transferred. 
-> set dump_uri=ftp://<valid_ftpuser>@ip_address//<directory>
Enter remote user password: *******
Set ‘dump_uri’ to ‘ftp://[email protected]<ip_address>//tmp’

3) Check status of “snapshot”
-> show

/SP/diag/snapshot

   Targets:

   Properties:

       dataset = normal
       dump_uri = (Cannot show property)
       encrypt_output = false
       result = Running  <– check for completed status

4) Check for the completion of snapshot
-> show

/SP/diag/snapshot

   Targets:

   Properties:

       dataset = normal
       dump_uri = (Cannot show property)
       encrypt_output = false
       result = Collecting data into
ftp://[email protected]<ip_address>//tmp/v4v-t5120a-sp_<ip_address>_2013-08-10T17-43-27.zip
Snapshot Complete.

Done.
References:
Share

SSH ERROR No Hostkey Alg

July 18th, 2021, posted in Solaris
Share

Do not ever change the file permissions of rsa and dsa keys. I was working on troubleshooting some ssh issue and I decided to give read permissions to everyone on file /etc/ssh/ssh_host_rsa_key and the next thing I know I cant login to the server via ssh.

#ssh testbox01
no hostkey alg

#ls -l /etc/ssh/ssh_host_rsa_key
-rw——-. 1 root ssh_keys   1679 Nov 25  2014 ssh_host_rsa_key

#ls -l /etc/ssh/ssh_host_dsa_key
-rw——-   1 root     root         668 Aug 20  2007 /etc/ssh/ssh_host_dsa_key

#ls -l /etc/ssh/ssh_host_rsa_key.pub
-rw-r–r–. 1 root root        382 Nov 25  2014 ssh_host_rsa_key.pub
#ls -l /etc/ssh/ssh_host_dsa_key.pub
-rw-r–r–. 1 root root        382 Nov 25  2014 ssh_host_dsa_key.pub
Make sure the permissions are set to 0600 for the private ssh keys and 0644 for public ssh keys(default public keys under /etc/ssh ends with an extension .pub)
Share