Sun Microsystems 4000 3connect Command Optional Parameters, Vcaadm connect host hostname dev vca2

Page 88

In the previous example, notice the vcaadm> prompt no longer displays the device instance number, hostname, or security officer name. To log in to another device, type the connect command with the following optional parameters.

TABLE 4-3connect Command Optional Parameters

Parameter

Meaning

 

 

 

dev

vcaN

Connect to the Sun Crypto Accelerator 4000 board with the driver

 

 

instance number of N. For example -d vca1 connects to the device

 

 

vca1; this defaults to device vca0.

host

hostname

Connect to the Sun Crypto Accelerator 4000 board on hostname

 

 

(defaults to the loopback address). hostname may be replaced with

 

 

the physical host’s IP address.

port

port

Connect to the Sun Crypto Accelerator 4000 board on port port

 

 

(defaults to 6870).

 

 

 

Example:

vcaadm{vcaN@hostname, sec_officer}> logout

vcaadm> connect host hostname dev vca2

Security Officer Login: sec_officer

Security Officer Password:

vcaadm{vcaN@hostname, sec_officer}>

vcaadm will not let you issue the connect command if you are already connected to a Sun Crypto Accelerator 4000 board. You must first logout and then issue the connect command.

Each new connection will cause vcaadm and the target Sun Crypto Accelerator 4000 firmware to renegotiate new session keys to protect the administrative data that is sent.

62 Sun Crypto Accelerator 4000 Board Installation and User’s Guide • May 2003

Image 88
Contents Page Please Recycle European Union Product Family Name Sun Crypto Accelerator 4000 Fiber X4012ASupplementary Information EN 609502000, 3rd Edition IEC 609502000, 3rd EditionSafety Page FCC Class a Notice Regulatory Compliance StatementsFCC Class B Notice ICES-003 Class a Notice Avis NMB-003, Classe a ICES-003 Class B Notice Avis NMB-003, Classe BBsmi Class a Notice Page Contents Installing the Sun Crypto Accelerator 4000 Board Configuring Driver ParametersContents Page Contents Diagnostics and Troubleshooting 119 134 SpecificationsThird Party License Terms Frequently Asked Questions Manual Pages Zeroizing the HardwareTables 106 108123 137141 144145 146Page Preface How This Book Is OrganizedUsing Unix Commands Solaris Hardware Platform GuideTypographic Conventions Shell PromptsAccessing Sun Documentation Online Sun Welcomes Your CommentsProduct Features Key Protocols and InterfacesSupported Applications Key FeaturesSupported Cryptographic Protocols Diagnostic Support Cryptographic Algorithm AccelerationSupported Cryptographic Algorithms 1IPsec Cryptographic AlgorithmsBulk Encryption 3Supported SSL Algorithms# touch /etc/opt/SUNWconn/cryptov2/sslreg # rm /etc/opt/SUNWconn/cryptov2/sslregHardware Overview IPsec Hardware AccelerationLED Displays Sun Crypto Accelerator 4000 MMF Adapter4Front Panel Display LEDs for the MMF Adapter Sun Crypto Accelerator 4000 UTP Adapter 2Sun Crypto Accelerator 4000 UTP Adapter5Front Panel Display LEDs for the UTP Adapter Dynamic Reconfiguration and High Availability Load SharingHardware and Software Requirements Required PatchesApache Web Server Patch 6Hardware and Software RequirementsSolaris 9 Patches Solaris 8 PatchesThere are currently no required Solaris 9 patches Page Installing the Sun Crypto Accelerator 4000 Board Handling the BoardTo Install the Hardware Installing the BoardOk show-devs Ok cd /pci@8,600000/network@1 Ok .properties To Install the Software Installing the Sun Crypto Accelerator 4000 Software# mount -F hsfs -o ro /dev/dsk/c0t6d0s2 /cdrom 1Files in the /cdrom/cdrom0 Directory VCA AdministrationVCA Firmware Installing the Optional Packages Install the required software packages by typing# prtdiag # modinfo grep CryptoDirectories and Files 2Sun Crypto Accelerator 4000 DirectoriesApache configuration support Encrypted keysApplication executables Development Application Support librariesRemoving the Software To Remove the SoftwarePage Configuring Driver Parameters Driver Parameter Values and Definitions 1vca Driver Parameter, Status, and DescriptionsAdvertised Link Parameters 2Operational Mode Parameters Flow Control Parameters 3Read-Write Flow Control Keyword Descriptions4Gigabit Forced Mode Parameter Gigabit Forced Mode ParameterInterpacket Gap Parameters 5Parameters Defining enable-ipg0and ipg0 Interrupt Parameters Random Early Drop Parameters7describes the receive interrupt blanking values 7RX Blanking Register for Alias ReadWhen Fifo threshold is greater than 6,144 bytes PCI Bus Interface Parameters 9PCI Bus Interface ParametersSetting vca Driver Parameters Setting Parameters Using the ndd UtilityTo Specify Device Instances for the ndd Utility Use the instance number to select the deviceNoninteractive and Interactive Modes Device remains selected until you change the selectionTo modify a parameter value, use the -setoption # ndd -set /dev/vcaN parameter valueNdd utility then prompts you for the name of the parameter # ndd /dev/vcaNSetting Autonegotiation or Forced Mode # ndd /dev/vcaSet the adv-autoneg-capparameter to To Disable Autonegotiation Mode# ndd -set /dev/vcaNadv-autoneg-cap Setting Parameters Using the vca.conf File To Set Driver Parameters Using a vca.conf FileRefer to the online manual pages for pathtoinst4 # grep vca /etc/driveraliases vca pci108e,3de810Device Path Name Example vca.conf File Following is an example vca.conf file11Local Link Network Device Parameters Ok boot netspeed=100,duplex=half Ok boot netspeed=1000,duplex=half,link-clock=masterOk boot netspeed=10,duplex=auto Ok boot netspeed=10Cryptographic Driver Statistics Refer to the Ieee 802.3 documentation for further details13describes the Ethernet driver statistics Ethernet Driver Statistics13Ethernet Driver Statistics 14describes the transmit and receive MAC counters 14TX and RX MAC CountersTx-underrun 15Current Ethernet Link Properties 16Read-Only vca Device Capabilities17describes the read-only link partner capabilities Reporting the Link Partner Capabilities17Read-Only Link Partner Capabilities 18Driver-Specific Parameters Ethernet Transmit CountersEthernet Receive Counters As superuser, type the kstat vcaN command To Check Link Partner Settings# kstat vcaN Network Configuration Configuring the Network Host FilesLocate the correct vca interfaces and instance numbers Instance number in the previous example is# cat /etc/hosts # Internet host table Localhost Zardoz Loghost Zardoz-11Page Using vcaadm $ PATH=$PATH/opt/SUNWconn/bin $ export PathModes of Operation Vcaadm command-line syntax is1shows the options for the vcaadm utility Single-Command Mode File Mode$ vcaadm -s secofficer create user webadmin $ vcaadm show userLogging In and Out With vcaadm Interactive Mode$ vcaadm -f deluser.scr -y Logging In to a Board With vcaadm Logging In to a New BoardLogging In to a Board With a Changed Remote Access Key # vcaadm -h hostnameVcaadm prompt in Interactive mode is displayed as follows Logging Out of a Board With vcaadmFollowing table describes the vcaadm prompt variables 2vcaadm Prompt Variable Definitions3connect Command Optional Parameters Vcaadm connect host hostname dev vca2Webadmin Entering Commands With vcaadmTom Getting Help for Commands VcaadmvcaN@hostname, secofficer set ?Quitting the vcaadm Program in Interactive Mode Select Fips 140-2 mode or non-FIPS mode Create a keystore name Refer to Naming Requirements onVerify the configuration information Enter the path and password to the backup file Managing Keystores With vcaadm Password RequirementsNaming Requirements 5Password Requirement Settings Setting the Password RequirementsPopulating a Keystore With Security Officers Populating a Keystore With Users Changing Passwords Listing Users and Security OfficersTo enable an account, enter the enable user command Enabling or Disabling UsersDeleting Security Officers Deleting UsersBacking Up the Master Key Locking the Keystore to Prevent Backups Setting the Auto-Logout Time Managing Boards With vcaadmDisplaying Board Status VcaadmvcaN@hostname, secofficer show status Board StatusResetting a Sun Crypto Accelerator 4000 Board Loading New FirmwareRekeying a Sun Crypto Accelerator 4000 Board Key TypesUsing the vcaadm diagnostics Command Zeroizing a Sun Crypto Accelerator 4000 BoardVcadiag command-line syntax is VcaadmvcaN@hostname, secofficer diagnostics1shows the options for the vcadiag utility Following is an example of the -DoptionFollowing is an example of the -Foption # vcadiag -D vca0Following is an example of the -Koption Following is an example of the -QoptionFollowing is an example of the -Roption Following is an example of the -ZoptionPage Administering Security for Sun ONE Web Servers Concepts and Terminology Tokens and Token Files Token FilesFollowing is an example of the contents in a token file Enabling and Disabling Bulk EncryptionPasswords Configuring Sun ONE Web Servers1Passwords Required for Sun ONE Web Servers Refer to Using vcaadm on Populating a KeystoreTo Populate a Keystore Populate the board’s keystore with usersOverview for Enabling Sun ONE Web Servers Create a user with the create user commandExit vcaadm Installing Sun ONE Web Server Installing and Configuring Sun ONE Web ServerTo Install Sun ONE Web Server Start the Sun ONE Web Server 4.1 Administration Server Response provides the URL for connecting to your serversTo Create a Trust Database Select OK# /opt/SUNWconn/bin/iplsslcfg To Generate a Server Certificate Type 0 to quitCreate Trust Database page is displayed Select the Cryptographic Module you want to use This password is the usernamepassword Table2Requestor Information Fields To Install the Server Certificate Configuring Sun ONE Web Server 4.1 for SSL To Configure the Sun ONE Web ServerFill out the form to install your certificate 3Fields for the Certificate to InstallWeb server is now configured to run in secure mode Set encryption to OnUsr/iplanet/servers Create the trust database for the web server instance Start the Sun ONE Web Server 6.0 Administration Server# /usr/iplanet/servers/https-admserv/start # /opt/SUNWconn/crypto/bin/iplsslcfg To Generate a Server Certificate Create Trust Database window is displayed 4Requestor Information Fields To Install the Server Certificate Configuring Sun ONE Web Server 6.0 for SSL 5Fields for the Certificate to InstallSelect the OK button to apply these changes Page 111 To Enable the Apache Web Server Create an httpd configuration fileEnabling the Board for Apache Web Servers Enabling Apache Web ServersSelect 1 to configure your Apache Web Server to use SSL Create an RSA keypair for your systemCreating a Certificate Choose a base name for the key materialProvide a key length between 512 and 2048 bits Create your PEM pass phraseTo Create a Certificate Modify the /etc/apache/httpd.conf file as directed Select 0 to quit when you finish with apsslcfg Start the Apache Web Server Copy your certificate request with the headers from# /usr/apache/bin/apachectl start Diagnostics and Troubleshooting SunVTS Diagnostic SoftwarePage As superuser, start SunVTS To Perform vcatest# /opt/SUNWvts/bin/sunvts Page Test Parameter Options for vcatest Vcatest Command-Line Syntax2describes the vcatest subtests To Perform netlbtest To Perform nettest VcaN up inet ip-addressplumb Diagnostics and Troubleshooting Using kstat to Determine Cryptographic Activity # kstat Vca0Using the OpenBoot Prom FCode Self- Test Performing the Ethernet FCode Self-Test DiagnosticOk setenv auto-boot? false Shut down the systemReset the system Perform the self-test using the test commandOk reset-all Ok show-netsSet the auto-boot?configuration parameter to true Reset and reboot the systemType the following If the test passes, you see the following messagesTroubleshooting the Sun Crypto Accelerator 4000 Board Show-devsProperties Watch-net Connectors Sun Crypto Accelerator 4000 MMF AdapterFigure A-1Sun Crypto Accelerator 4000 MMF Adapter Connector Table A-1SC Connector Link Characteristics Ieee P802.3zPerformance Specifications Physical DimensionsPower Requirements Interface Specifications Environmental SpecificationsTable A-5Interface Specifications Table A-6Environmental SpecificationsFigure A-2Sun Crypto Accelerator 4000 UTP Adapter Connector Table A-7Cat-5 Connector Link CharacteristicsTable A-9Performance Specifications Table A-10Power RequirementsTable A-11Interface Specifications Table A-12Environmental SpecificationsPage SSL Configuration Directives for Apache Web Servers Table B-1SSL Protocols Preceding statement is equivalent to SSL Aliases Table B-4Special Characters to Configure Cipher Preference Default value of cipher-specisTable B-3SSL Aliases Context Global, virtual host Table B-5SSL Verify Client LevelsTable B-6SSL Log Level Values Options are listed and described in Table B-7 Table B-7Available SSL OptionsOpt/SUNWconn/cryptov2/include Page Software Licenses Page Appendix D Software Licenses Openssl License Issues Third Party License TermsOriginal SSLeay License Modssl License Appendix D Software Licenses Page Man -M /opt/SUNWconn/man Table E-1Sun Crypto Accelerator 4000 Online Manual PagesKcl2 device driver is a multithreaded loadable kernel module Zeroizing the Hardware Page Reconnect to Sun Crypto Accelerator 4000 board with vcaadm Page Frequently Asked Questions # chmod 400 password.conf Enter the following command Reboot the systemEnter the following command at the OBP prompt Boot the operating environmentHow Do I Self-Sign a Certificate for Testing? Extension IndexAdvertised link parameters Commands Failsafe mode Page Pause capability Rx-intr-pktsparameter, 25 Command-line syntax, 123 test parameter optionsVca driver URL Vca.conf file, exampleWatch-netcommand Zeroize command, 163 zeroizing the hardware
Related manuals
Manual 334 pages 12.65 Kb Manual 72 pages 39 Kb Manual 28 pages 54.7 Kb

4000 specifications

Sun Microsystems, a pivotal player in the computing industry during the late 20th and early 21st centuries, was renowned for its innovative hardware and software solutions. Among its notable offerings were the Sun-6000, Sun-5000, and Sun-4000 series, powerful workstations and servers designed for a range of enterprise-level applications.

The Sun-6000 series, introduced in the early 1990s, marked a significant advancement in computing performance. These systems were built on the SPARC architecture, which facilitated high levels of processing power and multitasking capabilities. One of the main features of the 6000 series was its scalability, allowing organizations to increase their processing power by adding more modules. It also offered robust graphics performance, making it ideal for scientific visualization and complex data analysis.

Next in line was the Sun-5000 series. Launched shortly after the 6000 series, the 5000 line was celebrated for its reliability and ease of management. This series emphasized a balanced architecture, which combined processing capabilities with ample memory and storage options. Key characteristics included support for multiple processors, leading to improved performance for demanding applications. Additionally, the 5000 systems featured advanced input/output capabilities, ensuring fast data transfers—crucial for database applications and web servers.

Finally, the Sun-4000 series targeted businesses seeking affordable yet potent computing solutions. These servers boasted a modular design, allowing for easy upgrades and maintenance. The 4000 series was particularly notable for its support for various operating systems, including SunOS and Solaris. These systems were engineered to handle a range of workloads, from enterprise resource planning to web hosting, while still fitting into a value-driven budget.

Across all three series, Sun Microsystems prioritized compatibility and integration, ensuring that each system offered seamless connectivity with Sun's software solutions and third-party applications. Their commitment to open standards and interoperability set them apart in the competitive landscape of enterprise computing. Additionally, the use of high-quality components lent the systems durability, making them a wise investment for organizations looking to future-proof their IT infrastructure.

In summary, the Sun-6000, 5000, and 4000 series exemplified Sun Microsystems' ethos of innovation and reliability. These powerful systems catered to diverse business needs, setting benchmarks in performance and functionality that continue to influence modern computing.