Login or Register to Ask a Question and Join Our Community


AIX

HMC ssh_config file edit

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Operating Systems AIX HMC ssh_config file edit
# 1  
Old 12-28-2017
HMC ssh_config file edit
Hi,

How can we edit ssh_config file on HMC server.

Best regards,
# 2  
Old 12-28-2017
It's probably a daft question in response, but why would you want to? IBM have it set and pretty much lock it down so you don't tamper with it. Any changes that you might make could well be lost when you update it.

What would you like to achieve?



Robin
# 3  
Old 12-28-2017
I have to close using # same line because ssh daemon using weak algorithm such as hmac-sha1-96 and hmac-md5-96.

We have to close it according to penetration test.
# 4  
Old 01-06-2018
short answer:

you cannot.

long answer:

hack the HMC and you can do it. If you cannot hack it, you shouldn't do it. Just upgrade it.
This User Gave Thanks to agent.kgb For This Post:
rbatte1
# 5  
Old 01-08-2018
Quote:
Originally Posted by agent.kgb
If you cannot hack it, you shouldn't do it.
Amen to that!

IBM made the HMC not a "system", but an "appliance", meaning: it shouldn't be looked at as just another computer with an OS but like something more akin to a toaster.

The reason is to avoid all sorts of mayhem an inexperienced/incompetent administrator could cause to this very central and essential system. We even had a complete discussion thread about this: [Opinion] A Public Answer To Rob McNelly.

While i still do not think this construct is well-thought i can appreciate the notion that incompetent administrators pose a risk for the operation of the HMC. So, if you are knowledgeable enough to hack your way into the HMC you are probably knowledgeable enough to avoid becoming a liability yourself. And if you are not, then it is probably for the best that you are being kept off the system.

bakunin
This User Gave Thanks to bakunin For This Post:
rbatte1
# 6  
Old 01-27-2018
Anyway, the official answer would be something like:
* open a PMR and request a special code so that you can su to root (from memory something called the 'pesh')
* with the root prompt - you can edit what ever you want.

I am sure part of the 'official' solution would be to discuss what level of HMC code you are running. Maybe this problem goes away with an HMC update!

As you never said (and noone asked) I'll just assume you have learned to update your HMC. If it is at version 8.6 or higher, and it is still using the low-grade encryption elements - open a PMR to IBM for a bug-fix. As it is clearly time for it to be gone!

(and because I am curious - what level of HMC - were - you at?
# 7  
Old 01-29-2018
I suppose you will need to be careful about the managed host firmware and the LPAR AIX versions in play. Make sure you can list them all to IBM. The HMC will be able to give you the fireware on each bit of managed hardware.

Do you have two HMCs in play here? Perhaps one is at a remote site.




Robin
Login or Register to Ask a Question

Previous Thread | Next Thread

10 More Discussions You Might Find Interesting

1. UNIX for Advanced & Expert Users

Edit file

Hi All, I have file with 200K Records and each line with 400 character. I need to edit the some part of the file. For example, i need to edit character from 115 to 125, 135to 145 and 344 to 361 Can you please anyone help me to do this? Regards, (1 Reply)
Discussion started by: balasubramani04
1 Replies

2. UNIX for Dummies Questions & Answers

Modify the ssh_config file in Cygwin

Hi all, I have installed Cygwin on my PC and am trying to modify the ssh_config file in the folder 'c:\cygwin\etc\defaults\etc'. However I noticed the owner of that file belongs to root. Unfortunately when I'm opening cygwin each time the default displayed path = 'username@PC', which means I... (1 Reply)
Discussion started by: isaacniu
1 Replies

3. Shell Programming and Scripting

Edit a file

I have file like cp -p /var/adm/ /tmp1/tmp1.log cp -p /var/adm/ /tmp1/tmp2.log cp -p /var/adm/ /tmp1/tmp3.log cp -p /var/adm/ /tmp1/tmp4.log I need to re-write the file like: cp -p /var/adm/tmp1.log /tmp1/ cp -p /var/adm/tmp2.log /tmp1/ cp -p /var/adm/tmp3.log /tmp1/ cp -p... (3 Replies)
Discussion started by: h_banka
3 Replies

4. Shell Programming and Scripting

Script to Edit the file content and create new file

I have a requirement, which is as follows *. Folder contains list of xmls. Script has to create new xml files by copying the existing one and renaming it by appending "_pre.xml" at the end. *. Each file has multiple <Name>fileName</Name> entry. The script has to find the first occurance of... (1 Reply)
Discussion started by: sudesh.ach
1 Replies

5. Shell Programming and Scripting

Edit value in File

I have a file oratab with entry like this SCADAG:/esitst1/oracle/product/9.2.0.8:Y I am trying to discover a way to change the 9.2.0.8 part of this to something like 10.2.0.4 as part of an upgrade script. I have tried cat /etc/oratab >>/tmp/oratab... (1 Reply)
Discussion started by: sewood
1 Replies

6. UNIX for Dummies Questions & Answers

edit a .fs file

I have a .fs file that I want to edit, (or just be able to see what is in it) preferably through a windows environment. Does anyone know how to do that? Thanks (4 Replies)
Discussion started by: kiterboy
4 Replies

7. Shell Programming and Scripting

diff between ssh_config & sshd_config

Hi, Can anybody brief me the difference between ssh_config & sshd_config. I am looking for the functionality difference. any help appreciated Shihab (4 Replies)
Discussion started by: shihabvk
4 Replies

8. UNIX for Advanced & Expert Users

ssh_config

Hi, I have to create an sftp configuration file. the requirement is like this Encryption algorithm : ArcFour (Implementation of the 128bit RC4 algorithm) ‘arcfour128' Fallback: (3DES algorithm) ‘3des' How do I check the arcfour128 is implementation of RC4? Also I dont see 3des algorithm... (0 Replies)
Discussion started by: shihabvk
0 Replies

9. UNIX for Dummies Questions & Answers

Edit the File

Hello Everyone I am new to this forum. I am having a requirement to edit the file(the file is having some sql code). And this file is in my colleagues login. This is readonly Now I would like to edit this file. In which way can I do this? (1 Reply)
Discussion started by: pradkumar
1 Replies

10. UNIX for Dummies Questions & Answers

file name edit

ok I have a list of files for example: 130-4-32.HindIII.0.ids 130-4-32.HindIII.0.ppm 130-4-32.HindIII.0.ppm.gz 130-4-33.HindIII.0.bands 130-4-33.HindIII.0.ics 130-4-33.HindIII.0.ids 130-4-33.HindIII.0.ppm 130-4-33.HindIII.0.ppm.gz 130-4-34.HindIII.0.bands ... (1 Reply)
Discussion started by: lorcet222
1 Replies
Login or Register to Ask a Question