This chapter briefly discusses planning information for PSSP-related licensed programs that you might want to consider when planning your SP system. See Chapter 11, "Planning for migration" for versions supported, coexistence, or migration information. For complete detailed information on the individual licensed programs, see their books which are listed in Bibliography.
| Enhanced security options: |
|---|
|
As of PSSP 3.2 you have the option of running your SP system with an enhanced level of security. The restricted root access option removes the dependency PSSP has to internally issue rsh and rcp commands as a root user from a node. Any such actions can only be run from the control workstation or from nodes configured to authorize them. PSSP does not automatically grant authorization for a root user to issue rsh and rcp commands from a node. If you enable this option some procedures might not work as documented. For example, to run HACMP an administrator must grant the authorizations for a root user to issue rsh and rcp commands that PSSP would otherwise grant automatically. With PSSP 3.4 you can use a secure remote command process to run in place of the rsh and rcp commands. Each of the licensed programs discussed in this chapter might be affected in some way with these enhanced security options enabled. See Considering restricted root access, Considering a secure remote command process, and Considering choosing none for AIX remote command authorization for descriptions of these options. See the respective licensed program publications for information about running them under various PSSP security configurations. |