2,187
edits
m (→Security Hardening: Added "Network Settings") |
(→Procedures: Added "Regenerate Certificate") |
||
Line 110: | Line 110: | ||
|} | |} | ||
== Password Complexity Override == | == Security == | ||
=== Password Complexity Override === | |||
In order to be able to change a user (or root) password to one that breaches password complexity checking | In order to be able to change a user (or root) password to one that breaches password complexity checking | ||
Line 120: | Line 121: | ||
# Re-enable PAM module | # Re-enable PAM module | ||
#* <code> esxcfg-auth --usepamqc=-1 -1 -1 -1 8 8 </code> | #* <code> esxcfg-auth --usepamqc=-1 -1 -1 -1 8 8 </code> | ||
=== Regenerate Certificate === | |||
You might need to regenerate certificates if | |||
* Change ESX host name | |||
* Accidentally delete the certificates | |||
To generate new Certificates for the ESX Server host... | |||
# Change directories to /etc/vmware/ssl. | |||
# Create backups of any existing certificates: | |||
#* <code> mv rui.crt orig.rui.crt </code> | |||
#* <code> mv rui.key orig.rui.key </code> | |||
# Rstart the vmware-hostd process: | |||
#* <code> service mgmt-vmware restart </code> | |||
# Confirm that the ESX Server host generated new certificates by executing the following command comparing the time stamps of the new certificate files with orig.rui.crt and orig.rui.key | |||
#* <code> ls -la </code> | |||
== HBA and SAN Operations == | == HBA and SAN Operations == |