After installing VIO Server v3.1.0 I noticed a few configuration items that you may want to review.

 

# /usr/ios/cli/ioscli ioslevel
3.1.0.00

 

Paging Devices

By default, the install creates a hd6 at 512MB and a paging00 device at 1024MB.  The AIX best practice guides advise against this.

# lsps -a
Page Space Physical Volume Volume Group  Size    %Used  Active  Auto  Type  Chksum
paging00   hdisk0   rootvg               1024MB      1    yes    yes   lv      0
hd6        hdisk1   rootvg                512MB      0    yes    yes   lv      0

 

Filesystems maybe too small.

These filesystems maybe on the small size.  I like to have some space for the logging in /var, so I make this 2GB and I like / to be 1GB, just in case!!

# df -g
Filesystem   GB blocks  Free  %Used  Iused  %Iused  Mounted on
/dev/hd4        0.50    0.45    10%   4139     4%   /
/dev/hd9var     1.00    0.77    23%   3630     2%   /var
 

 

AIX and VIOS still use crypt for password hashing.

This only enforces the first 8 characters of the password.  I highly recommend you change this to sha512.

Before, you will see that pwd_algorithm is blank.

# lssec -f /etc/security/login.cfg -s usw -a pwd_algorithm
usw pwd_algorithm=

Change the password encryption to sha512.

# chsec -f /etc/security/login.cfg -s usw -a pwd_algorithm=ssha512

After the change, confirm it is now sha512.

# lssec -f /etc/security/login.cfg -s usw -a pwd_algorithm
usw pwd_algorithm=ssha512