Previous Topic: Configure the Gateway Two DatabaseNext Topic: Install Mobile Access Gateways (MAG) and Siteminder Assertion Packages

Upgrade GuideHow to Upgrade CA CloudMinderUpgrade the CA Identity Management ServerHarden the Gateway Servers

Harden the Gateway Servers

This section describes how to harden the Gateways. Perform the steps and commands on both machines.

Follow these steps:

  1. SSH into the Gateway server as root user and enter the following commands: 
    useradd -m ssgconfig
passwd ssgconfig

    Provide the password of your choice for the user ssgconfig.

    cd ~/download
chmod +x harden.sh
cp -p harden.sh ~/harden.sh
cd ~

    ./harden.sh -h vmware
  2. If ./harden.sh -h vmware fails, review error messages and manually resolve any conflicts. For example, you many need to run the following commands: 
    yum erase subscription-manager
yum erase yum-updatesd
yum erase yum-security
yum erase rhn-client-tools
echo "SINGLE=/sbin/sulogin" >> /etc/sysconfig/init
  3. Review ~/harden.sh.log for hardening results, manually resolve conflicts, and re-run the hardening process as needed.

    Note: Once the harden.sh script has been run successfully, you can no longer log in as root. If you wish to gain root access to the system, log in as user ssconfig and run the su command to change your login ID to root. Typically, you must run the harden.sh script multiple times even if the script shows no error messages upon execution.