Connector GuidesConnectors GuideConnecting to EndpointsKerberos ConnectorKerberos Installation and DeploymentInstall and Deploy the ConnectorHow to Set Up SSH Permissions for the Kerberos Connector › Assign Values to the SSH Attributes Using etautil

Previous Topic: Modify the Environment File to Make kadmin Visible

Next Topic: Firewall Configuration

Assign Values to the SSH Attributes Using etautil

If you want to manage a Kerberos endpoint using a Windows Java CS rather than a Kerberos Java CS, assign values to the SSH attributes using the etautil utility. You can use the utility to assign the eTKRBSSHPrivateKeyFile you generated with the ssh-keygen or puttygen utilities.

To assign values to the SSH attributes using etautil

  1. On the Provisioning Server host, start a Command Prompt window and navigate to the following directory: 
    IMPS_INSTALL_DIR\bin

    Enter the following command:

    etautil -d im_domain -u im_user -p im_user_password update 'eTNamespaceName=KRB Namespace' eTKRBDirectory eTKRBDirectoryName='krb_endpoint_name' eTKRBSSHServer='ssh_server' eTKRBSSHUser=ssh_user eTKRBSSHPrivateKeyFile='ssh_key_filename' eTKRBSSHPassword='ssh_key_passphrase'
    -d domain

    Specifies the name of the provisioning domain.

    -u user

    Specifies the global user name for authentication.

    Update

    Updates the attributes to the values you specify.

    eTKRBSSHServer

    Specifies the name of the computer running the SSH service that the connector connects to. This host must be a member of the Kerberos realm. The SSH service must be enabled on the host.

    eTKRBSSHUser

    Specifies the account name in the SSH server host that the connector uses to log in.

    eTKRBSSHUser

    Specifies the account that the connector uses to log in to the SSH server.

    eTKRBSSHPrivateKeyFile

    Specifies the file that contains the private key of the SSH user, using an absolute or relative path. This private key file must be located on the computer running the JCS. The file format must be in either PEM or OpenSSH format, and it can use a DSA or RSA signature. You can generate the key using any standard tool, including SSH-Keygen and PuTTYgen.

    eTKRBSSHPassword

    Specifies the password that protects the private key. We recommend that you use a password, but if there is no password, leave this field blank.

    Note: All parameters are mandatory. However, if you did not use a passphrase to protect the private key, the parameter eTKRBSSHPassword is not mandatory.

    The SSH attributes are set to the values you specified.

    Note: For more information about etautil utility, see the Provisioning Reference Guide.

    The endpoint is ready for use with the new Java CS.