186 The IBM TotalStorage NAS Gateway 500 Integration Guide
If the primary hard disk fails in such a configuration, the operating system
continues to run from the second hard disk until the failed drive is replaced. If a
reboot has to be done in this degraded state, the operator needs to select the
second disk as the booting device in the boot list.
8.3 OpenSSH for command line access
In companies, the security guidelines prohibit the use of telnet. The problem with
telnet is that all data, even user names and passwords, is transmitted in plain
text. OpenSSH offers the possibility to connect remotely via command line but to
encrypt all data that will be transferred between the command line client and the
NAS Gateway 500. This allows you to do system management tasks securely.
OpenSSL is the Secure Socket Layer toolkit which contains libraries that provide
cryptographic tasks for authentication and encryption. OpenSSL is a prerequisite
to install OpenSSH.
OpenSSH is a toolkit that provides access to the machine where it is installed on
(in our case, the NAS Gateway 500). The authentication and the data transfer is
done through an encrypted data channel. The OpenSSH protocol also notifies
you if someone (an ill-disposed party) tries to alter data packets of your session.
8.3.1 How to obtain OpenSSH
It is permissible to use SSH and SSL, but due to license restrictions, this
software is not shipped as part of the NAS Gateway 500. There are different
sources on the Web to obtain OpenSSH and OpenSSL. We used this site:
http://www-124.ibm.com/developerworks/projects/opensshi
This contains a direct link to the OpenSSH installation files and a link that leads
you through the license agreement to the OpenSSL software. When writing this
redbook, the files were called openssl-0.9.6m-2.aix5.1.ppc.rpm (there was no
explicit version for AIX 5.2) and openssh-3.7.1p2_52.tar.Z (which was the latest
version for AIX 5.2). After you have downloaded the files, you can FTP them to
the NAS Gateway 500. We suggest that you have a special directory for such
things, for example, /opt/download. For all of the following actions, you have to
be root user on the machine.
Tip: More information about OpenSSL and OpenSSH can be found on these
project Web sites:
http://www.openssl.org
http://www.openssh.org
Chapter 8. Subsequent configuration 187
8.3.2 Installing OpenSSL
Once you have the files on the NAS Gateway 500, you must first install
OpenSSL, since it is a prerequisite to install OpenSSH. Go to the directory where
the OpenSSL files resides.
In our case it was an rpm package that can be easily installed using the rpm
command in the command line:
rpm -i openssl-0.9.6m-2.aix5.1.ppc.rpm
If you receive no errors from this command, the installation should have been
successful. To be certain, Figure 8-37 shows how you can check easily if and
which version of this rpm is installed.
Figure 8-37 Checking if rpm package is installed
8.3.3 Installing OpenSSH
To install the OpenSSH package, you must first extract it. Go to the directory
where the downloaded file resides:
gunzip openssh-3.7.1p2_52.tar.Z
tar xvf openssh-3.7.1p2_52.tar
Now you should get the files Customer_README, openssh.base,
openssh.license, openssh.man.en_US, and some manuals in different
languages. Create a table of contents file (.toc) for the installation:
inutoc .
Then install via SMIT:
smitty install
Specify the path. You can use “.” (the period character, which means the current
working directory) as shown in Figure 8-38, because we changed the directory
before, or you can specify the full path.
Attention: The exact package names can differ, depending on the version you
downloaded from the Web.
188 The IBM TotalStorage NAS Gateway 500 Integration Guide
Figure 8-38 SMIT install latest
Press Enter to approve your choice.
Chapter 8. Subsequent configuration 189
After that, you get the SMIT installation screen as shown in Figure 8-39. Choose
install_latest if you have only the OpenSSH packets in the directory, otherwise
you have to select which software to install by pressing the F4 key. You also
have to accept the license agreements by changing the “no” into a “yes” with the
TAB key.
Figure 8-39 SMIT installing all_latest and accepting license agreement
Press Enter and wait. Once the installation has finished, you can check if it was
successful as shown in Figure 8-40.

Get The IBM TotalStorage NAS Gateway 500 Integration Guide now with O’Reilly online learning.

O’Reilly members experience live online training, plus books, videos, and digital content from 200+ publishers.