The RSA SecurID Appliance (virtual or hardware) uses SUSE Enterprise Linux as the operating system hosting the RSA Authentication Manager 8.x software. Only enough of the SUSE Enterprise Linux operating system has been provided for the SecurID Appliance to host the RSA Authentication Manager 8.x software. Only the rsaadmin account is active to access the operating system at the command line either via the local console or where the secure shell has been enabled.
RSA will provide software updates to update and/or make changes to the operating system hosting RSA Authentication Manager software. Customers are advised not to make any changes at the command line unless otherwise directed by RSA Customer Support. NOTE: The following is shown command example output only.
Check listening ports and established connections
rsaadmin@am83:~> netstat -anolp | more (Not all processes could be identified, non-owned process info will not be shown, you would have to be root to see it all.) Active Internet connections (servers and established) Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name Timer tcp 0 0 0.0.0.0:111 0.0.0.0:* LISTEN - off (0.00/0/0) tcp 0 0 0.0.0.0:35761 0.0.0.0:* LISTEN - off (0.00/0/0) tcp 0 0 0.0.0.0:1812 0.0.0.0:* LISTEN - off (0.00/0/0) tcp 0 0 0.0.0.0:60340 0.0.0.0:* LISTEN - off (0.00/0/0) tcp 0 0 0.0.0.0:1813 0.0.0.0:* LISTEN - off (0.00/0/0) tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN - off (0.00/0/0) tcp 0 0 127.0.0.1:32000 0.0.0.0:* LISTEN 7191/java off (0.00/0/0) tcp 0 0 127.0.0.1:32001 0.0.0.0:* LISTEN 9317/java off (0.00/0/0) tcp 0 0 127.0.0.1:32002 0.0.0.0:* LISTEN 9961/java off (0.00/0/0) tcp 0 0 127.0.0.1:32003 0.0.0.0:* LISTEN 11148/java off (0.00/0/0) tcp 0 0 0.0.0.0:7050 0.0.0.0:* LISTEN 7190/postgres off (0.00/0/0) tcp 0 0 127.0.0.1:7050 127.0.0.1:37418 ESTABLISHED 10831/postgres: rsa keepalive (5524.03/0/0) tcp 0 0 127.0.0.1:32003 127.0.0.1:31003 ESTABLISHED 11145/wrapper-3.2.3 off (0.00/0/0) tcp 0 0 127.0.0.1:7050 127.0.0.1:37579 ESTABLISHED 11042/postgres: rsa keepalive (6441.59/0/0) tcp 0 256 192.168.31.39:22 192.168.41.23:1165 ESTABLISHED - on (0.23/0/0) tcp 0 0 127.0.0.1:32000 127.0.0.1:31000 ESTABLISHED 7176/wrapper-3.2.3r off (0.00/0/0) tcp 0 0 127.0.0.1:32001 127.0.0.1:31001 ESTABLISHED 9315/wrapper-3.2.3r off (0.00/0/0) tcp 0 0 192.168.31.39:1813 192.168.31.39:58185 ESTABLISHED - keepalive (215.28/0/0) tcp 0 0 127.0.0.1:32002 127.0.0.1:31002 ESTABLISHED 9959/wrapper-3.2.3r off (0.00/0/0) tcp 0 0 :::5580 :::* LISTEN 9961/java off (0.00/0/0) tcp 0 0 127.0.0.1:7022 :::* LISTEN 9961/java off (0.00/0/0) tcp 0 0 127.0.0.2:7022 :::* LISTEN 9961/java off (0.00/0/0) tcp 0 0 ::1:7022 :::* LISTEN 9961/java off (0.00/0/0) tcp 0 0 fe80::a6ba:dbff:fe:7022 :::* LISTEN 9961/java off (0.00/0/0) tcp 0 0 192.168.31.39:7022 :::* LISTEN 9961/java off (0.00/0/0) tcp 0 0 :::5550 :::* LISTEN 9961/java off (0.00/0/0) tcp 0 0 :::111 :::* LISTEN - off (0.00/0/0) tcp 0 0 :::58929 :::* LISTEN - off (0.00/0/0) tcp 0 0 ::1:7026 :::* LISTEN 11148/java off (0.00/0/0) … … …
List the available software packages installed with SUSE Enterprise Linux
rsaadmin@am83:~> rpm -qa | more master-boot-code-1.14-70.11 sles-release-DVD-11.4-1.109 libusb-0_1-4-0.1.12-139.1.1 libattr-2.4.43-1.18 pth-2.0.7-102.22 libuuid1-2.19.1-6.72.1 insserv-1.12.0-25.11.47 libblkid1-2.19.1-6.72.1 diffutils-2.8.7-143.23.1 setserial-2.17-716.22 gfxboot-4.1.34-0.5.44 udev-147-0.110.1 util-linux-lang-2.19.1-6.72.1 util-linux-2.19.1-6.72.1 PolicyKit-0.9-14.43.1 gpg2-2.0.9-25.33.41.2 … … …
Determine the version of SUSE Enterprise Linux
rsaadmin@am84:~> cat /etc/SuSE-release SUSE Linux Enterprise Server 12 (x86_64) VERSION = 12 PATCHLEVEL = 3 rsaadmin@am83:~>
Determine the version of RSA Authentication Manager
rsaadmin@am83:~> cat /etc/issue RSA Authentication Manager 8.3.0.1.0-build1400450 rsaadmin@am83:~>
Show which loadable kernel modules are currently loaded
rsaadmin@am83:~> lsmod Module Size Used by ip6table_mangle 12740 0 iptable_mangle 12695 0 ipmi_si 53422 0 nfs 448114 1 lockd 93786 1 nfs fscache 67874 1 nfs auth_rpcgss 53269 1 nfs nfs_acl 12837 1 nfs sunrpc 262055 16 nfs,lockd,auth_rpcgss,nfs_acl mpt3sas 221557 0 mpt2sas 173295 0 scsi_transport_sas 40887 2 mpt3sas,mpt2sas raid_class 13554 2 mpt3sas,mpt2sas … … …
List information about PCI buses and devices in the system
rsaadmin@am83:~> lspci 00:00.0 Host bridge: Intel Corporation 5520 I/O Hub to ESI Port (rev 13) 00:01.0 PCI bridge: Intel Corporation 5520/5500/X58 I/O Hub PCI Express Root Port 1 (rev 13) 00:03.0 PCI bridge: Intel Corporation 5520/5500/X58 I/O Hub PCI Express Root Port 3 (rev 13) 00:04.0 PCI bridge: Intel Corporation 5520/X58 I/O Hub PCI Express Root Port 4 (rev 13) 00:05.0 PCI bridge: Intel Corporation 5520/X58 I/O Hub PCI Express Root Port 5 (rev 13) 00:06.0 PCI bridge: Intel Corporation 5520/X58 I/O Hub PCI Express Root Port 6 (rev 13) 00:07.0 PCI bridge: Intel Corporation 5520/5500/X58 I/O Hub PCI Express Root Port 7 (rev 13) 00:09.0 PCI bridge: Intel Corporation 7500/5520/5500/X58 I/O Hub PCI Express Root Port 9 (rev 13) 00:14.0 PIC: Intel Corporation 7500/5520/5500/X58 I/O Hub System Management Registers (rev 13) … … …
Listing users (Note: rsaadmin is the active user for accessing the command line)
rsaadmin@am83:~> cat /etc/passwd | cut -d":" -f1 root bin daemon mail wwwrun nobody messagebus polkituser haldaemon vscan sshd ntp rsaadmin man Radius_user_nopoek4t rsaadmin@am83:~>
Listing locked accounts
rsaadmin@am83:~> sudo passwd -S -a | grep LK | cut -d " " -f1 rsaadmin's password: <enter operating system password> root bin daemon mail wwwrun nobody messagebus polkituser haldaemon vscan sshd ntp man rsaadmin@am83:~>
|