Prerequisites for adding the Linux Host to OmniDeq for discovery
Recommended resource requirements
| Resource | CPU | RAM | /home/ |
/opt |
|---|---|---|---|---|
| Requirement | 4 cores | 8 GB | > 500 MB | > 2 GB |
Discovery uses /opt partition for its operation. Please allow the executable permissions to the folder. Verify it as follows on the Host.
[ssh-user@host ~]$ ls -ltr /opt
drwxr-xr-x 9 root testdir 288 Sep 27 2016 X11
"x" is required which ensures the execute permission.
Privilege Access
The user account used for connection between OmniDeq and host must have privilege access.
Below line can be added to /etc/sudoers for allowing connecting user to communicate without password certain commands. Please update the path for system commands like mkdir, echo etc
<ssh-user-for-omnideq-host> ALL=(ALL) NOPASSWD:/opt/.ch-tools/*/*/*, /opt/.ch-tools/*/*, /bin/mkdir, /bin/echo, /bin/chmod 755 /opt/.ch-tools/*, /bin/chmod 755 /home/<ssh-user-for-omnideq-host>/chcmd, /bin/chmod -R 755 /opt/.ch-tools, /bin/chmod -R 755 /home/<ssh-user-for-omnideq-host>/.ch-tools, /bin/chown <ssh-user-for-omnideq-host>\: /opt/.ch-tools/*, /bin/chown -R <ssh-user-for-omnideq-host>\: /home/<ssh-user-for-omnideq-host>/chcmd, /bin/chown -R <ssh-user-for-omnideq-host>\: /opt/.ch-tools, /bin/chown -R <ssh-user-for-omnideq-host>\: /home/<ssh-user-for-omnideq-host>/.ch-tools
RequireTTY
Disable requiretty for connecting user from remote machine to Host. If set, sudo will only run when the user is logged in to a real terminal and not via other means such as cron, cgi-bin or ssh scripts. Since OmniDeq connects to the Host remotely without a real terminal, this flag must be disabled. This flag is off by default. Below line can be added to /etc/sudoers file.
Defaults:<ssh-user-for-omnideq-host> !requiretty
SSHD server
The ssh server (sshd) must be running on the host. Verify it as follows on the Host.
[ssh-user@host ~]$ ps ax | grep <sshd or openssh or equivalent>
Connection between Host and OmniDeq
OmniDeq authenticates with the Linux Host using the following 2 methods over ssh
- Username and ssh key
- Username and password
Host communicates back to OmniDeq over port 443 ( https ). Please ensure that port 443 is enabled on the Host for external communication and unblocked on the firewall in between Host and OmniDeq.