Rmcctrl?? Post: 302107145

Sponsored Content

Operating Systems AIX Rmcctrl?? Post 302107145 by dukessd on Wednesday 14th of February 2007 06:17:03 PM

02-14-2007

Registered User

My understanding:

The RMC subsystem enables remote management. It is used in clustering, HA / SP / CSM systems and between the HMC and it managed LPARS.

RMC can get confused for several reasons, like changing the hostname, installing LPARS using a cloned mksysb, etc.

The RMC key should be unique and created once the system is installed and configured.
The key is generated from, amongst other things, the hostname.

Of course the key is recreated during mksysb install but then when you customise the install (change the hostname for instance) it breaks the key.

/usr/sbin/rsct/install/bin/recfgct
Should recreate the key and cycle the RMC sybsystem.

I think the other commands are used to stop and then start the subsystem but I believe the /usr/sbin/rsct/install/bin/recfgct command should do this as it recreates the key.

The impact seems to be zero, the benefit seems to be that things like DLPAR start working again.

Depending on how the HMC and LPARS have been installed / configured you may need to run the commands on all LPARS and the HMC for things like DLPAR to burst into life.

http://publib.boulder.ibm.com/infoce...l5tra0710.html

So your commands would stop the subsystem, regenerate the key and then start the subsystem.

I'd use the -p switch as well to ensure remote connections are enabled.

dukessd

View Public Profile for dukessd

Find all posts by dukessd

LEARN ABOUT SUNOS

ickey

ickey(1M)																 ickey(1M)

NAME

       ickey - install a client key for WAN boot

SYNOPSIS

       /usr/lib/inet/wanboot/ickey [-d] [-o type=3des]

       /usr/lib/inet/wanboot/ickey [-d] [-o type=aes]

       /usr/lib/inet/wanboot/ickey [-d] [-o type=sha1]

       The ickey command is used to install WAN boot keys on a running UNIX system so that they can be used the next time the system is installed.
       You can store three different types of keys: 3DES and AES for encryption and an HMAC SHA-1 key for hashed verification.

       ickey reads the key from standard input using getpassphrase(3C) so that it does not appear on the command line. When installing keys  on  a
       remote system, you must take proper precautions to ensure that any keying materials are kept confidential. At a minimum, use ssh(1) to pre-
       vent interception of data in transit.

       Keys are expected to be presented as strings of hexadecimal digits; they can (but need not) be preceeded by a 0x or 0X.

       The ickey command has a single option, described below. An argument of the type -o type=keytype is required.

       The ickey command the following option.

       -d

	   Delete the key specified by the keytype argument.

       On success, ickey exits with status 0; if a problem occurs, a diagnostic message is printed and ickey exits with non-zero status.

       /dev/openprom

	   WAN boot key storage driver

       See attributes(5) for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWwbsup 		   |
       +-----------------------------+-----------------------------+
       |Interface Stability	     |Unstable			   |
       +-----------------------------+-----------------------------+

       ssh(1), openprom(7D), attributes(5)

								    7 May 2003								 ickey(1M)