Copyright (c) 2006, Sun Microsystems, Inc. All Rights Reserved
The contents of this file are subject to the terms of the Common Development and Distribution License (the "License"). You may not use this file except in compliance with the License.
You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE or http://www.opensolaris.org/os/licensing. See the License for the specific language governing permissions and limitations under the License.
When distributing Covered Code, include this CDDL HEADER in each file and include the License file at usr/src/OPENSOLARIS.LICENSE. If applicable, add the following below this CDDL HEADER, with the fields enclosed by brackets "[]" replaced with your own identifying information: Portions Copyright [yyyy] [name of copyright owner]
/platform/platform_name/cvcd [-a auth] [-e encr] [-u esp_auth]
The virtual console daemon, cvcd, is a server process that supports the network console provided on some platforms. The cvcd daemon accepts network console connections from a remote host (only one host at any given time). Console input is read from this connection and forwarded to cvc(7D) by way of cvcredir(7D).
Similarly, console output is read from cvcredir(7D) and forwarded across the network console connection. If cvcd dies, console traffic is automatically rerouted through an internal hardware interface.
The cvcd daemon normally starts at system boot time. Each domain supports only one cvcd process at a time.
Caution -
On Sun Enterprise 10000 domains, cvcd uses a configuration file (/etc/ssphostname) to determine the name of the host from which network console connections are allowed. If the remote console host is renamed, you must edit the configuration file to reflect that change.
The cvcd daemon supports per-socket IP Security Architecture (IPsec) through the options described below. See ipsec(7P).
The cvcd daemon supports the options listed below.
-a auth
Controls the IPsec Authentication Header (AH) algorithm. auth can be one of none, md5, or sha1.
-e encr
Controls the IPsec Encapsulating Security Payload (ESP) encryption algorithm. encr can be one of none, des, or 3des.
-u esp_auth
Controls the IPsec Encapsulating Security Payload (ESP) authentication algorithm. esp_auth can be one of none, md5, or sha1.
The following operands are supported:
platform_name
The official Sun platform name used in packaging and code. For example, for Sun Fire 15K servers, the platform_name would be SUNW,Sun-Fire-15000.
Example 1 Setting an IPSec Option
The command below sets the value of the IPsec Authentication Header algorithm to md5. As a result of this command, cvcd will use the HMAC-MD5 authentication algorithm.
# svccfg -s svc:/system/cvc setprop cvc/ah_auth = "md5" # svccfg -s svc:/system/cvc setprop cvc/esp_encr = "none" # svccfg -s svc:/system/cvc setprop cvc/esp_auth = "none" # svcadm refresh svc:/system/cvc
See attributes(5) for descriptions of the following attributes:
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
| Architecture | |
| Sun Enterprise 10000 servers, Sun Fire High-End Systems | |
svcs(1), svcadm(1M), svccfg(1M), services(4), attributes(5), smf(5), cvc(7D), cvcredir(7D), ipsec(7P)
Sun Enterprise 10000 SSP Reference Manual
System Management Services (SMS) Reference Manual
The cvcd service is managed by the service management facility, smf(5), under the fault management resource identifier (FMRI):
svc:/system/cvc
Administrative actions on this service, such as enabling, disabling, or requesting restart, can be performed using svcadm(1M) or svccfg(1M). The service's status can be queried using the svcs(1) command.