Cisco Cisco TelePresence Video Communication Server Expressway 관리 매뉴얼
Reference material
This will give the command line that named (the BIND server) was invoked with. If there is a -t option,
then the path following that is the new root directory and your files will be located relative to that root.
then the path following that is the new root directory and your files will be located relative to that root.
In /etc/named.conf look for a directory entry within the options section. This will give the directory in
which the zone files are stored, possibly relative to a new root directory. In the appropriate zone
section, a file entry will give the name of the file containing the zone details.
which the zone files are stored, possibly relative to a new root directory. In the appropriate zone
section, a file entry will give the name of the file containing the zone details.
For more details of how to configure BIND servers and the DNS system in general see the publication
DNS and BIND [
DNS and BIND [
].
Changing the default SSH key
Default SSH key warnings
A warning message "Security alert: the SSH service is using the default key” is displayed if your
Cisco VCS is still configured with its factory default SSH key.
Cisco VCS is still configured with its factory default SSH key.
Using the default key means that SSH sessions established to the Cisco VCS may be vulnerable to
"man-in-the-middle" attacks, so you are recommended to generate new SSH keys which are unique to
your Cisco VCS.
"man-in-the-middle" attacks, so you are recommended to generate new SSH keys which are unique to
your Cisco VCS.
Standalone Cisco VCS
Use the following instructions to generate a new SSH key for the Cisco VCS, entering all commands
from the CLI while logged in as root:
from the CLI while logged in as root:
1. Type regeneratesshkey.
2. Type exit to log out of the root account.
2. Type exit to log out of the root account.
Clustered Cisco VCS
Use the following instructions to generate new SSH keys for each cluster peer.
Enter the following commands from the CLI while logged in as root:
1. On each Cisco VCS peer in turn:
a. Type cluster.
b. Select option (3) to temporarily disable replication on each Cisco VCS.
b. Select option (3) to temporarily disable replication on each Cisco VCS.
Follow the instructions but DO NOT remove the Cisco VCS from the list of peers.
c. Select (q) to quit.
2. On each Cisco VCS peer in turn:
a. Type regeneratesshkey.
3. After each Cisco VCS has had replication disabled and its SSH key regenerated, on each Cisco
VCS peer in turn:
a. Type cluster.
o
On the master Cisco VCS, select option (1) and follow the instructions to set it as the
replication master.
replication master.
o
On each non-master Cisco VCS, select option (2) and follow the instructions to set it to
replicate with a peer.
replicate with a peer.
b. Select (q) to quit.
4. On every Cisco VCS in turn:
a. Type cluster.
b. Select option (5) to check that Cisco VCS replication is working correctly.
c. Select (q) to quit.
b. Select option (5) to check that Cisco VCS replication is working correctly.
c. Select (q) to quit.
5. Type exit to log out of the root account.
Cisco VCS Administrator Guide (X6)
Page 258 of 295