xref: /titanic_51/usr/src/man/man1m/cvcd.1m (revision c10c16dec587a0662068f6e2991c29ed3a9db943)
te
Copyright (c) 2006, Sun Microsystems, Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
cvcd 1M "9 Mar 2006" "SunOS 5.11" "System Administration Commands"
NAME
cvcd - virtual console daemon
SYNOPSIS

/platform/platform_name/cvcd [-a auth] [-e encr] 
 [-u esp_auth]
DESCRIPTION

The virtual console daemon, cvcd, is a server process that supports the network console provided on some platforms. The cvcd daemon accepts network console connections from a remote host (only one host at any given time). Console input is read from this connection and forwarded to cvc(7D) by way of cvcredir(7D).

Similarly, console output is read from cvcredir(7D) and forwarded across the network console connection. If cvcd dies, console traffic is automatically rerouted through an internal hardware interface.

The cvcd daemon normally starts at system boot time. Each domain supports only one cvcd process at a time.

Caution -

On Sun Enterprise 10000 domains, cvcd uses a configuration file (/etc/ssphostname) to determine the name of the host from which network console connections are allowed. If the remote console host is renamed, you must edit the configuration file to reflect that change.

The cvcd daemon supports per-socket IP Security Architecture (IPsec) through the options described below. See ipsec(7P).

OPTIONS

The cvcd daemon supports the options listed below.

-a auth

Controls the IPsec Authentication Header (AH) algorithm. auth can be one of none, md5, or sha1.

-e encr

Controls the IPsec Encapsulating Security Payload (ESP) encryption algorithm. encr can be one of none, des, or 3des.

-u esp_auth

Controls the IPsec Encapsulating Security Payload (ESP) authentication algorithm. esp_auth can be one of none, md5, or sha1.

OPERANDS

The following operands are supported:

platform_name

The official Sun platform name used in packaging and code. For example, for Sun Fire 15K servers, the platform_name would be SUNW,Sun-Fire-15000.

EXAMPLES

Example 1 Setting an IPSec Option

The command below sets the value of the IPsec Authentication Header algorithm to md5. As a result of this command, cvcd will use the HMAC-MD5 authentication algorithm.

# svccfg -s svc:/system/cvc setprop cvc/ah_auth = "md5"
# svccfg -s svc:/system/cvc setprop cvc/esp_encr = "none"
# svccfg -s svc:/system/cvc setprop cvc/esp_auth = "none"
# svcadm refresh svc:/system/cvc
ATTRIBUTES

See attributes(5) for descriptions of the following attributes:

ATTRIBUTE TYPEATTRIBUTE VALUE
Architecture
Sun Enterprise 10000 servers, Sun Fire High-End Systems
SEE ALSO

svcs(1), svcadm(1M), svccfg(1M), services(4), attributes(5), smf(5), cvc(7D), cvcredir(7D), ipsec(7P)

Sun Enterprise 10000 SSP Reference Manual

System Management Services (SMS) Reference Manual

NOTES

The cvcd service is managed by the service management facility, smf(5), under the fault management resource identifier (FMRI):

svc:/system/cvc

Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M) or svccfg(1M). The service's status can be queried using the svcs(1) command.