ACRONIS BACKUP AND RECOVERY 10 ADVANCED SERVER - UPDATE 3 User Manual page 78

Remote connection as a non-root user
Since accessing the system as the root user should be restricted, the root user can create an
authentication policy to enable remote management under non-root credentials.
The following are two examples of such policies.
Note: As a result, the specified non-root users will be able to connect to the machine remotely as if they were
root users. A security best practice is to make sure that the user accounts are hard to compromise—for
example, by requiring that they have strong passwords.
Example 1
This authentication policy uses the pam_succeed_if module and works with Linux distributions with
kernel version 2.6 or later. For an authentication policy which works with kernel version 2.4, see the
next example.
Perform the following steps as the root user:
1. Create the Acronis_Trusted group account, by running the following command:
groupadd Acronis_Trusted
2. Add the names of the non-root users, whom you want to allow to connect to the machine
remotely, to the Acronis_Trusted group. For example, to add the existing user user_a to the
group, run the following command:
usermod -a -G Acronis_Trusted user_a
3. Create the file /etc/pam.d/Acronisagent-trusted with the following content:
#%PAM-1.0
auth       required   pam_unix.so
auth       required   pam_succeed_if.so user ingroup Acronis_Trusted
account    required   pam_unix.so
Example 2
The above authentication policy might not work on Linux distributions with kernel version 2.4—
including Red Hat Linux and VMware® ESX™ 3.5 Upgrade 2—because the pam_succeed_if.so module
is not supported there.
In this case, you can use the following authentication policy.
1. As the root user, create the file /etc/pam.d/Acronis_trusted_users
2. Add the names of the non-root users whom you want to allow to manage the machine, to this
file, one user name per line. For example, if you want to add the users user_a, user_b, and
user_c, add the following three lines to the file:
user_a
user_b
user_c
If necessary, also add the root user to the file.
3. Create the file /etc/pam.d/Acronisagent-trusted with the following content:
#%PAM-1.0
auth       required   pam_unix.so
auth       required   pam_listfile.so item=user sense=allow file=/etc/pam.d/Acronis_trusted_users onerr=fail
account    required   pam_unix.so
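One way to audit a policy file created in Example 1 or Example 2, as an added example that is not part of the Acronis manual: it checks that the password check and the group or list restriction are both "required" and, for Example 2, that the user list cannot be modified by non-root accounts. The names check_policy, note and audit_pam_policy.sh are assumptions made for this example.

```shell
#!/bin/sh
# Added example (not from the Acronis manual): audit a PAM policy file such as
# /etc/pam.d/Acronisagent-trusted. check_policy prints each finding and
# returns the number of findings (0 = policy matches Example 1 or Example 2).

note() { echo "FINDING: $*"; findings=$((findings + 1)); }

check_policy() {
    policy=$1
    findings=0
    [ -f "$policy" ] || { note "$policy is not a regular file"; return "$findings"; }

    # The password check must stay on the auth stack as 'required'.
    grep -Eq '^auth[[:space:]]+required[[:space:]]+pam_unix\.so' "$policy" ||
        note "no 'auth required pam_unix.so' line"

    # The group or list restriction must also be 'required', not 'sufficient' or 'optional'.
    restrict=$(grep -E '^auth[[:space:]]+required[[:space:]]+pam_(succeed_if|listfile)\.so' "$policy" || true)
    [ -n "$restrict" ] || note "no required pam_succeed_if/pam_listfile restriction"

    case $restrict in *pam_listfile.so*)
        case $restrict in *sense=allow*) ;; *) note "pam_listfile lacks sense=allow" ;; esac
        case $restrict in *onerr=fail*) ;; *) note "pam_listfile lacks onerr=fail" ;; esac
        list=$(printf '%s\n' "$restrict" | sed -n 's/.*file=\([^[:space:]]*\).*/\1/p')
        if [ -L "$list" ] || [ ! -f "$list" ]; then
            note "user list '$list' is missing, a symlink, or not a regular file"
        else
            # Anyone who can write the list can grant root-equivalent access.
            case $(ls -ld "$list") in
                ?????w*|????????w*) note "user list '$list' is group- or world-writable" ;;
            esac
        fi ;;
    esac
    return "$findings"
}

# Usage: sh audit_pam_policy.sh /etc/pam.d/Acronisagent-trusted
if [ $# -gt 0 ]; then check_policy "$1"; fi
```

Run it as root after creating the policy and again whenever the policy or the user list changes; a non-zero exit status is the number of findings.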
Copyright © Acronis, Inc., 2000-2010