You are on page 1of 2

Pre-Implementation Task:

************************
Remove the contents of /home/staffadm/.ssh/authorized_keys

Implementation Plan:
********************
On HORINNIM01 (SourceServer)
1) Create new Key file as mentioned below (as per SSH key labelling process)
Command: (as 'staffadm' user id)
/usr/bin/ksh create_ssh_key.sh
Details mentioned below will be used will creating ID
KeyFile name
: staffadm
Country Code
: 744
Type
:
F
URT Imtermediate Code :
*RSAUNX
Company
:
IBM
Description of ID
:
UNIX Automation ID
Will you use a passphrase:
NO
IP addresses to login from: 10.109.241.23
Logging to be added
:
YES
This will create files mentioned below
Key Files:
staffadm & staffadm.pub
Logger File: sshd_cmd_logger

2) Copy the content of 'staffadm.pub' to target servers /home/staffadm/.ssh/auth


orized_keys
Commands:
scp /home/staffadm/.ssh/staffadm.pub <targetserver>:/home/staffadm/.ssh/
cat /home/staffadm/.ssh/staffadm.pub >> /home/staffadm/.ssh/authorized_keys
3) Enable logging as per suggested method in IBM Wiki
Copy the 'sshd_cmd_logger' file to target servers
Command:
scp /home/staffadm/.ssh/sshd_cmd_logger <targetserver>:/home/staffadm/.ssh/
With root privilee to do the following on each of your target servers
Command:
mkdir /var/log/.sh_history_staffadm
chmod 1777 /var/log/.sh_history_staffadm

Test Plan:
**********
Login to Target server from source server with 'staffadm' ID using the ssh-keys
generated and test the logs that are being captured.