PSM for SSH registration tool

After installation, use the registration to create the PSM for SSH environments in the Vault.

Environment parameters

The following table describes the registration tool parameters:

Parameter

Description

AcceptEULA

Accept the end user license agreement

Required

CredFile

Path to the credential file of administrative user

Required

VaultEnvPath

Path to vault.ini folder

Required

VaultName

Name of the vault

Default: CAMainVault

Optional

VaultConfigFileName

Name of the Vault configuration file

Default: vault.ini

Optional

ICUFolder

Path to ICU data file folder

Default: /opt/CARKpsmp/bin

Optional

LogsWSFolder

Path to logs folder

Default: /var/opt/CARKpsmp

Optional

PSMPAppUser

The Vault user name of the PSM for SSH Application user.

Default: PSMPAppUser

Optional

Note:It is recommended to change the default value to a unique value, for example, PSMPAppUser_<ID>, to prevent overwriting previous installations.

PSMPGWUser

The Vault user name of the PSM for SSH Gateway user.

Default: PSMPGWUser

Optional

Note:It is recommended to change the default value to a unique value, for example, PSMPGWUser_<ID>, to prevent overwriting previous installations.

PIMConfigSafe

Name of safe for storing the PIM configuration files

Default: PVWAConfig

Optional

PIMConfigPath

Path in safe for storing the PIM configuration files

Default: Root

Optional

PIMConfigFile

Name of the PIM configuration file.

Default: PVConfiguration.xml

Optional

PIMPoliciesFile

Name of the platforms configuration file.

Default: Policies.xml

Optional

RetryTimeout

Time (in seconds) to wait between retries

Default: 1 second

Optional

ClientsCount

The number of PSM for SSH instances registering simultaneously.

Default: 1

Mandatory when registering multiple PSM for SSH instances.

UpdateCredFile

Following a repair or upgrade, this parameter determines the update of the credentials file for PSM for SSH users.

Options:

■

Yes:- Always update the credentials file.

■

No:- Never updated the new credentials file

■

Inferred:PSM for SSH app users must match in both the installation and credentials files. The PSM for SSH envmanager utility updates the credentials file if one of the following conditions is met:

■

A newer, more secure, credentials file version exists

■

The existing credentials file on the file system does not meet the security policy of the new PSM for SSH version.

Default: Inferred

Run the registration tool

After you have installed PSM for SSH, run the following command with relevant parameters:

/opt/CARKpsmp/bin/envmanager "CreateEnv" -AcceptEULA "Y" -CredFile <"FileName"> -VaultEnvPath "/etc/opt/CARKpsmp/vault"

It is recommended to change the default PSMAppUser and PSMPGWUser parameter values to unique values to prevent overwriting previous installations.

/opt/CARKpsmp/bin/envmanager "CreateEnv" -AcceptEULA "Y" -CredFile "/tmp/user.cred" -VaultEnvPath "/etc/opt/CARKpsmp/vault" -PSMPAppUser "PSMPAppUser_PSMP1" -PSMPGWUser "PSMPGWUser_PSMP1"