![]() | Sun System Handbook - ISO 4.1 October 2012 Internal/Partner Edition | ||
|
|
![]() |
||||||||||||||||
Solution Type Technical Instruction Sure Solution 1007592.1 : Protecting OpenBoot[TM] by Setting Security Parameters
PreviouslyPublishedAs 210504 Description This document describes the procedure used to password protect a system's OpenBoot[TM] (OBP). It is always recommended that all systems have their OBP protected. This is to make sure that non-authorized personnel cannot boot the system from any external device (hard disk, or CD-ROM) and get complete control over the system. There are three levels of security in OBP as explained below. The default is 'none'.
Steps to Follow The following steps are to be used in setting up OpenBoot: Setting the OpenBoot Password:1. From Solaris[TM] Prompt: # eeprom security-password Changing PROM password: New password:******** Retype new password:******** # 2. From OpenBoot Prompt: ok password ok New password (only first 8 chars are used):******** ok Retype new password:******** Setting OpenBoot Security Level:1. From Solaris Prompt: The following line sets the security level to 'full' # eeprom security-mode=full 2. From OpenBoot Prompt: The following line sets security level to 'command' ok setenv security-mode command Resetting OpenBoot Number of Incorrect Password Attempts:The security-#badlogins OBP parameter records the number of failed security password attempts. When changing other OBP security parameters, it is good practice to reset the value of the parameter security-#badlogins to zero - if it wasn't already initialized -, so that the number of incorrect security password attempts can be detected. 1. From Solaris Prompt: The following line resets the OBP parameter security-#badlogins # eeprom security-#badlogins=0 2. From OpenBoot Prompt: The following line resets the OBP parameter security-#badlogins ok setenv security-#badlogins 0 Warning:
NOTE:
SPARC
(R)
IA
Product N/A OBP, security, password, OK, NVRAM Previously Published As 77383 Change History The product statement requires products that apply to this article and will be found in a product based search. Please place specific versions of the product according to the product nomenclature database swordfish( http://krep.emea.sun.com/stats/swordfish/) to resolve this issue. Date: 2004-09-13 User Name: 7058 Action: Approved Comment: Fixed &andquot problem. Doc OK to publish. Version: 9 Date: 2004-09-10 User Name: 7058 Action: Accept Comment: Version: 0 Date: 2004-09-10 Attachments This solution has no attachment |
||||||||||||||||
|