Security Considerations - Oracle Sun ZFS Service Manual


Configuration Backup
to those properties that did not exist at the time of the backup. When restoring across
software versions, administrators should manually verify settings for new features following
the restore.
Password maintenance - The root password is not changed or reverted to the password at
the time of the backup if it was different. The current root password is maintained on the
system across the restore. For more details about passwords, refer to the summary of
Security Considerations.

Security Considerations
A configuration backup contains information that is normally only accessible to the root
administrative user on the appliance. Therefore, any configuration backup that is exported to
another system or into a filesystem share must apply security restrictions to the backup file to
ensure that unauthorized users cannot read the backup file.
Local user passwords are stored in the backup file in encrypted (hashed) format, not as clear
text. However, on the system, access to these password hashes is restricted, as they could be used
as input to dictionary attacks. Therefore, administrators must carefully protect configuration
backups that are exported, either by restricting file access to the backup, or by applying an
additional layer of encryption to the entire backup file, or both.
Directory user passwords are not stored in the appliance, and therefore are not stored in the
configuration backup. If you have deployed a directory service such as LDAP or AD for
administrative user access, there are no copies of directory service password hashes for
directory users stored in the configuration backup. Only the user name, user ID, preferences,
and authorization settings for directory users are stored in the backup and then restored.
Following a configuration restore, the local root administrative user password is not modified
to the root password at the time of the backup. The root password is left as-is, unmodified, by
the restore process, to ensure that the password used by the administrator who is executing the
restore process (and thus has logged in, using that password) is retained. If the administrator's
intent was to also change the root password at the time of configuration restore, that step must
be executed manually following the restore, using the normal administrative password change
procedure.
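The following shell functions illustrate the two protections described above for an exported backup: restricting file access and adding a layer of encryption over the whole file. This is an added example, not part of the original manual or the appliance software; it assumes the backup has been exported to a POSIX host with OpenSSL 1.1.1 or later, and the file names and passphrase file are hypothetical.

```shell
#!/bin/sh
# Added example: protect an exported configuration backup on the receiving host.
# File names and the passphrase file are assumptions, not appliance defaults.

# Succeeds only if the file's mode grants nothing to group or other.
is_private() {
    mode=$(stat -c '%a' "$1" 2>/dev/null || stat -f '%Lp' "$1" 2>/dev/null) || return 2
    case "$mode" in
        0|*00) return 0 ;;
        *)     return 1 ;;
    esac
}

# Print every file under directory $1 that group or other can access.
find_exposed() {
    find "$1" -type f | while IFS= read -r f; do
        is_private "$f" || printf '%s\n' "$f"
    done
}

# Restrict backup $1 to its owner and write an encrypted copy to $1.enc.
# $2 is a passphrase file, assumed to be provisioned separately with mode 0600.
protect_backup() {
    backup=$1 passfile=$2
    [ -f "$backup" ] || { echo "no such backup: $backup" >&2; return 1; }
    is_private "$passfile" || { echo "passphrase file is not private" >&2; return 1; }
    chmod 600 "$backup" || return 1
    # umask 077 so the ciphertext is never created group- or world-readable.
    ( umask 077
      openssl enc -aes-256-cbc -pbkdf2 -salt -pass "file:$passfile" \
          -in "$backup" -out "$backup.enc.tmp" &&
      mv "$backup.enc.tmp" "$backup.enc" ) || { rm -f "$backup.enc.tmp"; return 1; }
    # Confirm the ciphertext decrypts back to the original before relying on it.
    openssl enc -d -aes-256-cbc -pbkdf2 -pass "file:$passfile" -in "$backup.enc" |
        cmp -s - "$backup"
}
```

The plaintext backup is left in place with owner-only access; delete it if only the encrypted copy should remain. `openssl enc` in CBC mode protects confidentiality only and does not detect tampering with the encrypted file.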
Managing Configuration Backups Using the BUI
The following section outlines how various Configuration Backup tasks can be accomplished
using the Configuration Backup area near the bottom of the Maintenance > System screen in
the BUI.
Create a Configuration Backup
To create a backup, simply click the "Backup" button above the list of saved configurations and
follow the instructions. You will be prompted to enter a descriptive comment for the backup.
Sun ZFS Storage 7x20 Appliance Customer Service Manual • December 2011 E26399–02


This manual is also suitable for:

Sun ZFS 7120, Sun ZFS 7320, Sun ZFS 7420