Configure agent deployment to UNIX and Linux nodes

If you want to deploy HTTPS agents to nodes that have a supported UNIX or Linux operating system, you must configure a suitable secure shell client on the management server. The secure shell client must provide secure file transfer and remote command execution functionality.

By default, HPOM does not configure a secure shell client as part of the management server. You must configure your own. For convenience, third-party software (PuTTY) is available in the following folder:

<install_dir>\contrib\OVOW\PuTTY

If you choose to use this third-party software, copy the files PLINK.EXE, PSCP.EXE and runplink.cmd to any folder that is included in your PATH environment variable. For example, if you installed the management server into c:\Program Files\HP\HP BTO Software, you could copy the files into the following folder:

c:\Program Files\HP\HP BTO Software\bin

DISCLAIMER:
PuTTY is not HP software. It is provided "as is" for your convenience. You assume the entire risk relating to the use or performance of PuTTY.

After you install a suitable secure shell client, you must configure the management server to use the client. You must configure the following attributes in the namespace depl.mechanisms.ssh:

• COPY
  This attribute defines a command that the management server can use to copy files to remote UNIX and Linux nodes.
• EXEC
  This attribute defines a command that the management server can use to execute commands on remote UNIX and Linux nodes.

You can view and change these attributes using the commands ovconfget and ovconfchg from a command prompt. You must configure appropriate values for whichever secure shell client you install. By default, the attributes have the following values:

[depl.mechanisms.ssh]
COPY=pscp -q  -batch -pw <passwd> <sourcefile> <user>@<host>:<targetfile>

EXEC=runplink.cmd <passwd> <user> <host> <command>

The management server substitutes variables in angle brackets (<>) with actual values when it calls the command.

The default value for the COPY attribute configures the management server to call pscp to copy files to nodes.

The default value for the EXEC attribute configures the management server to call runplink.cmd, which is a command that calls PLINK.EXE to execute commands on nodes. When any of the PuTTY commands connects to a remote node for the first time, it requests verification of the node's SSH host key. The command runplink.cmd approves this request silently. PuTTY stores the node's key automatically in the Windows registry to use for future connections. If you need to verify SSH host keys manually, you can reconfigure the EXEC attribute.

To configure manual verification of SSH host keys:

1. Log in to the management server as a user with administrative rights, and open a command prompt.
2. Type ovconfchg -edit. A text editor appears, which enables you to edit attributes.

3. Find the namespace [depl.mechanisms.ssh], and replace the EXEC attribute with a call to PLINK.EXE. The value should then be as follows:

   EXEC=plink -ssh -batch -2 -pw <passwd> <user>@<host> <command> 
   

4. Save the file, and then close the text editor. The new configuration becomes active immediately.

After you do this, you must verify each node's SSH host key before you can deploy the HTTPS agent. You can do this by, for example, using the following plink command, which prompts you to verify the SSH host key:

plink -ssh <user name>@<node name> hostname 

Related Topics:

• ovconfget
• ovconfchg