Reflection for Secure IT UNIX Client version 7.0
Reflection for Secure IT Windows Client version 7.0
Configuring CA SiteMinder
Follow the steps below to configure SiteMinder to allow SSH connections to the Reflection for IT UNIX Server by creating a LOGINAPPL in eTrustAccessControl for the SSH daemon.
- On the UNIX server, locate the path for sshd2. By default, the path is /usr/sbin/sshd2.
- Run the selang administration utility to invoke the command shell, for example, /opt/AC/eTrustAccessControl/bin/selang.
- At the selang prompt, enter the following command (all on one line):
newres LOGINAPPL SSH2 defacc(x) audit(failure) owner(nobody) loginpath(/usr/sbin/sshd2) loginflags(none) loginmethod(normal) loginsequence(sgrp,suid)
- If there are no errors after entering the new LOGINAPPL, enter the following command at the selang prompt to verify that the new entry exists:
sr loginappl ssh2
- Stop and restart the eTrust Access Control services.
Verify the Setting
Once the eTrust Access Control services have been restarted, follow these steps to verify that the changes to LOGINAPPL have been made active.
- Using SSH, connect to the host where eTrust Access Control is installed.
- Once connected, at the command prompt enter sewhoami âa.
The host reply should show your correct user name and terminal details.