5 Configuring

When WLI installation completes, the system reboots. The kernel rebuilt with WLI components becomes active, enabling WLI services. By default, SD-UX configuration scripts execute following the reboot. SD-UX configuration can optionally be postponed by the installer. Whether SD-UX configuration completes during or following system initialization, a few manual steps are necessary to bring WLI to a completely operational state. To take full advantage of WLI features, perform the following tasks:

Authorize the recovery key

Authorize administrator keys

Identify and sign essential DLKMs

Back up the WLI database

Reboot with security mode set to restricted

5.1 Authorizing the recovery key

After WLI is installed and the server is rebooted, the wliadm command must be executed to initialize database files and authorize the recovery key. Root user (user ID 0) authority is required to execute the initialization command:

% wliadm -i <pub_key> -k <priv_key> [-p <src:val>]

where:

<pub_key> is the public key file extracted from <priv_key> in PEM format.

<priv_key> is an OpenSSL-generated RSA key file in PEM format.

<src:val> is the passphrase source and value. If the -p option is not included, a prompt for the passphrase appears at the /dev/tty device.

You can execute this command only once for each installation. The specified key becomes the recovery key for WLI. The recovery key is a special key for granting administrator authority to other RSA keys and should be stored safely. You can replace it by reinstalling WLI or restoring the WLI database backup described in this section. After the recovery key is authorized, it can grant WLI administrative capability to other keys. The recovery key is limited to granting administrator capability.

5.2 Authorizing administrator keys

At least one administrator key is necessary to authorize the WLI administrator commands. To simplify security maintenance, the number of authorized administrator keys should be kept minimal, even though an unlimited number is allowed. The recovery key authorized in the previous procedure must be used to authorize the first administrator key.

An administrator key can be used for all WLI operations, including granting itself capabilities. For details on authorizing keys for WLI administration, see wliadm(1M). For details on granting capabilities, see wlicert(1M).

HP recommends that all administrator keys be authorized before the reboot, because the database file holding administrator keys cannot be backed up or restored after the system is rebooted with WLI security mode set to restricted.

Root user (user ID 0) authority is not required to authorize a key for WLI administration. The user must have read permission on the key and know the passphrase. To authorize an administrator key:

% wliadm -n <user>.<instance> -k <priv_key> [-p <src:val>] <pub_key>

where:

<user> is the key identifier; user is a valid user ID.
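The two wliadm invocations above, for the recovery key and the first administrator key, both expect an OpenSSL-generated RSA private key in PEM format plus its extracted public key. The following script is an added example and is not part of the HP-UX WLI guide: it generates those key pairs with the private key passphrase-protected and readable only by its owner, then runs the one-time recovery-key initialization and the administrator-key grant when wliadm(1M) is present, and otherwise prints the command line it would run. The file names, the WLI_KEY_PASS environment variable and the user name wliadmin are constructed for this example.

```shell
#!/bin/sh
# Added example (not from the HP-UX WLI guide). Assumes openssl(1) is present;
# wliadm(1M) only exists on a WLI host, so the script prints the command instead
# of running it when wliadm cannot be found on PATH.

# gen_wli_keypair DIR NAME
# Writes DIR/NAME.priv.pem (AES-256 encrypted, mode 0600) and DIR/NAME.pub.pem,
# and prints the public key path. The passphrase is taken from $WLI_KEY_PASS
# (a constructed variable name) so it never appears on the command line, where
# ps(1) would expose it to other users.
gen_wli_keypair() {
    priv="$1/$2.priv.pem"
    pub="$1/$2.pub.pem"
    [ -n "$WLI_KEY_PASS" ] || { echo "WLI_KEY_PASS is not set" >&2; return 1; }
    # Subshell so the restrictive umask does not leak into the caller.
    ( umask 077 &&
      openssl genrsa -aes256 -passout env:WLI_KEY_PASS -out "$priv" 2048 2>/dev/null &&
      openssl rsa -in "$priv" -passin env:WLI_KEY_PASS -pubout -out "$pub" 2>/dev/null
    ) || return 1
    chmod 0600 "$priv" && chmod 0644 "$pub" || return 1
    echo "$pub"
}

# pem_has_header FILE LABEL: succeeds when FILE starts with "-----BEGIN LABEL-----".
# OpenSSL 3 writes "ENCRYPTED PRIVATE KEY"; older releases write "RSA PRIVATE KEY".
pem_has_header() {
    head -n 1 "$1" | grep -q -- "^-----BEGIN $2-----"
}

# run_wliadm ARGS...: execute wliadm when installed, otherwise print the command.
# Without -p, wliadm prompts for the private key's passphrase on /dev/tty.
run_wliadm() {
    if command -v wliadm >/dev/null 2>&1; then
        wliadm "$@"
    else
        echo "would run: wliadm $*"
    fi
}

# authorize_recovery_key RECOVERY_PRIV RECOVERY_PUB: the one-time initialization.
authorize_recovery_key() {
    run_wliadm -i "$2" -k "$1"
}

# authorize_admin_key USER INSTANCE RECOVERY_PRIV ADMIN_PUB
# The recovery private key (-k) grants the new key, named USER.INSTANCE, administrator authority.
authorize_admin_key() {
    run_wliadm -n "$1.$2" -k "$3" "$4"
}

# Walk through the procedure when executed directly as wli_keys.sh.
if [ "${0##*/}" = "wli_keys.sh" ]; then
    keydir=$(mktemp -d) || exit 1
    # One constructed passphrase reused for brevity; use a distinct, strong one per key.
    export WLI_KEY_PASS='constructed-example-passphrase'
    rpub=$(gen_wli_keypair "$keydir" recovery) || exit 1
    apub=$(gen_wli_keypair "$keydir" wliadmin) || exit 1
    unset WLI_KEY_PASS
    authorize_recovery_key "$keydir/recovery.priv.pem" "$rpub"
    authorize_admin_key wliadmin 1 "$keydir/recovery.priv.pem" "$apub"
fi
```

The recovery private key produced here is the one the text says to store safely: after the first administrator key is granted, it is only needed again to grant further administrator keys, so keeping it offline (and backed up alongside the WLI database) limits the damage if the host itself is compromised.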
