Archive for the ‘SMF’ Category
Disable Telnet Session
Bellow this, is procedure to block/stop/disable telnet service at solaris 10
bash> vi /etc/inetd.conf (then put comment out ‘#’ below) #telnet stream tcp6 nowait root /usr/sbin/in.telnetd in.telnetd
(then stop and restart services)
bash> /etc/rc2.d/S72inetsvc stop bash> /etc/rc2.d/S72inetsvc start
or
bash> /etc/init.d/inetsvc stop bash> /etc/init.d/inetsvc start
Update:
Solaris 10 x86 updae 6, telnet was offline/disable by default
bash>cat /etc/release Solaris 10 10/08 s10x_u6wos_07b X86 Copyright 2008 Sun Microsystems, Inc. All Rights Reserved. Use is subject to license terms. Assembled 27 October 2008
bash>svcs |grep telnet offline 13:08:13 svc:/network/telnet:default
Setting NTP Server & Client in Solaris 10 (update)
Setting NTP ( Network Time Protocol) on Solaris 10
Configuring an NTP Server
1. Edit file ntp.conf
bash> cp /etc/inet/ntp.server /etc/inet/ntp.conf bash> vi /etc/inet/ntp.conf
Add server address for ntp server
server 1.id.pool.ntp.org server 1.asia.pool.ntp.org server 3.asia.pool.ntp.org broadcast 224.0.1.1 ttl 4 enable auth monitor driftfile /var/ntp/ntp.drift statsdir /var/ntp/ntpstats/ filegen peerstats file peerstats type day enable filegen loopstats file loopstats type day enable filegen clockstats file clockstats type day enable keys /etc/inet/ntp.keys trustedkey 0 requestkey 0 controlkey 0
Save your change configuration
2. Refresh daemon NTP
bash> touch /var/ntp/ntp.drift bash> svcadm enable svc:/network/ntp
Configuring an NTP Client
1. Edit file ntp.conf
bash> cp /etc/inet/ntp.client /etc/inet/ntp.conf
bash> touch /var/ntp/ntp.drift
bash> vi /etc/inet/ntp.conf server 10.10.10.1 prefer # IP NTP Server Primary server 10.10.10.2 # IP NTP Server Secondary driftfile /var/ntp/ntp.drift
2. Refresh daemon NTP
bash> svcadm enable svc:/network/ntp bash> svcadm refresh svc:/network/ntp bash> svcadm restart svc:/network/ntp
You can use “ntpq -p” to monitor ntpd’s performance.
Ssh in Solaris
This post is about service ssh in solaris 9 or 10
Solaris 9
Disable service ssh ?
bash> /etc/init.d/sshd stop bash> /etc/rc3.d/S89sshd stop
Enable service ssh ?
bash> /etc/init.d/sshd start bash> /etc/rc3.d/S89sshd start
Refresh service ssh ?
bash> kill -HUP `cat /var/run/sshd.pid`
Solaris 10
First you can check service ssh with command
bash> svcs | grep ssh online Jan_21 svc:/network/ssh:default
If status ssh offline, you can make online with command:
bash> svcadm enable -t network/ssh:default bash> /lib/svc/method/sshd start
Disable service ssh ?
bash> svcadm disable -t network/ssh:default
Restart service ssh ?
bash> svcadm restart network/ssh:default bash> /lib/svc/method/sshd restart
Refresh service ssh ?
bash> svcadm refresh network/ssh:default
For a root enable connect to host via ssh service
bash> vi /etc/ssh/sshd_config
[....] # Valid options are yes, without-password, no. PermitRootLogin no [....]
Replace no with yes, after that save the edited configuration.
Don’t forget for the restart service ssh, after edit configuration.
Create User Who Can Only Connect Through FTP
This is was created user “only” connect through FTP,Used in Solaris 9
bash> uname -sr SunOS 5.9
bash> cat /etc/shells /bin/bash [....] /bin/ftpaccess /sbin/sh