Topic
  • No replies
strus_fr
strus_fr
1 Post

Pinned topic Automatically access EFS data- question

‏2013-06-24T19:21:51Z |

Hi,

I have read with a great interrest the following article about EFS: http://www.ibmsystemsmag.com/aix/tipstechniques/systemsmanagement/Open-SSH-Public-Key-Authentication-on-EFS-Enabled/?page=2

So, we have tried to implement it to protect an Oracle DB and it worked great UNTIL we wanted to automate the process for a user who needs to login from a non-AIX system. Indeed, it seems IBM modified the ssh server and client to add the AllowPKCS12keystoreAutoOpen option which is not ported on the 'standard' ssh client which can be found on Linux or Windows.

So, the simple question is: how do you achieve the same result from a non AIX systems?

Is the only solution to create a third server containing a regular SSH server/client to accept the non-AIX remote users, and which will automatically exec an AIX ssh client session to open the EFS keystore?

I hope it is clear enough...

Thanks.