JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
System Administration Guide: Security Services
search filter icon
search icon

Document Information

Preface

Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Controlling Access to Devices (Tasks)

5.  Using the Basic Audit Reporting Tool (Tasks)

6.  Controlling Access to Files (Tasks)

7.  Using the Automated Security Enhancement Tool (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Role-Based Access Control (Reference)

11.  Privileges (Tasks)

12.  Privileges (Reference)

Part IV Oracle Solaris Cryptographic Services

13.  Oracle Solaris Cryptographic Framework (Overview)

14.  Oracle Solaris Cryptographic Framework (Tasks)

15.  Oracle Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16.  Using Authentication Services (Tasks)

17.  Using PAM

18.  Using SASL

19.  Using Solaris Secure Shell (Tasks)

20.  Solaris Secure Shell (Reference)

Part VI Kerberos Service

21.  Introduction to the Kerberos Service

22.  Planning for the Kerberos Service

23.  Configuring the Kerberos Service (Tasks)

24.  Kerberos Error Messages and Troubleshooting

25.  Administering Kerberos Principals and Policies (Tasks)

26.  Using Kerberos Applications (Tasks)

27.  The Kerberos Service (Reference)

Part VII Oracle Solaris Auditing

28.  Oracle Solaris Auditing (Overview)

29.  Planning for Oracle Solaris Auditing

30.  Managing Solaris Auditing (Tasks)

31.  Solaris Auditing (Reference)

Glossary

Index

Numbers and Symbols

A

B

C

D

E

F

G

H

I

J

K

L

M

N

O

P

Q

R

S

T

U

V

W

X

Y

Z

K

-k option
encrypt command, How to Encrypt and Decrypt a File
Kerberized commands, Overview of Kerberized Commands
mac command, How to Compute a MAC of a File
-K option
Kerberized commands, Overview of Kerberized Commands
usermod command, How to Assign Privileges to a User or Role
.k5.REALM file, description, Kerberos Files
.k5login file
description
Granting Access to Your Account
Kerberos Files
rather than revealing password, Granting Access to Your Account
kadm5.acl file
description, Kerberos Files
format of entries, How to Modify the Kerberos Administration Privileges
master KDC entry
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
How to Swap a Master KDC and a Slave KDC
new principals and
How to Create a New Kerberos Principal
How to Duplicate a Kerberos Principal
kadm5.keytab file
description
Administering Keytab Files
Kerberos Files
kadmin command
creating host principal
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
description, Kerberos Commands
ktadd command, How to Add a Kerberos Service Principal to a Keytab File
ktremove command, How to Remove a Service Principal From a Keytab File
removing principals from keytab with, How to Remove a Service Principal From a Keytab File
SEAM Tool and, Ways to Administer Kerberos Principals and Policies
kadmin.local command
adding administration principals
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
automating creation of principals, Automating the Creation of New Kerberos Principals
creating keytab file
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
description, Kerberos Commands
kadmin.log file, description, Kerberos Files
kadmind daemon
Kerberos and, Kerberos Daemons
master KDC and, Kerberos-Specific Terminology
kadmind principal, Administering Keytab Files
kbd file, How to Disable a System's Abort Sequence
KbdInteractiveAuthentication keyword, Solaris Secure Shell, Keywords in Solaris Secure Shell
kcfd daemon
Administrative Commands in the Oracle Solaris Cryptographic Framework
How to Refresh or Restart All Cryptographic Services
kclient command, description, Kerberos Commands
kdb5_ldap_util command, description, Kerberos Commands
kdb5_util command
creating KDC database, How to Manually Configure a Master KDC
creating stash file
How to Manually Configure a Slave KDC
How to Configure a Slave KDC to Use Full Propagation
description, Kerberos Commands
KDC
backing up and propagating, Backing Up and Propagating the Kerberos Database
configuring master
manual, How to Manually Configure a Master KDC
with LDAP, How to Configure a KDC to Use an LDAP Data Server
configuring slave
manual, How to Manually Configure a Slave KDC
copying administration files from slave to master
How to Manually Configure a Slave KDC
How to Configure a Slave KDC to Use Full Propagation
creating database, How to Manually Configure a Master KDC
creating host principal
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
database propagation, Which Database Propagation System to Use
master
definition, Kerberos-Specific Terminology
planning, The Number of Slave KDCs
ports, Ports for the KDC and Admin Services
restricting access to servers, How to Restrict Access to KDC Servers
slave, The Number of Slave KDCs
definition, Kerberos-Specific Terminology
slave or master
Kerberos Servers
Configuring KDC Servers
starting daemon
How to Manually Configure a Slave KDC
How to Configure a Slave KDC to Use Full Propagation
swapping master and slave, Swapping a Master KDC and a Slave KDC
synchronizing clocks
master KDC
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
slave KDC
How to Manually Configure a Slave KDC
How to Configure a Slave KDC to Use Full Propagation
kdc.conf file
description, Kerberos Files
ticket lifetime and, Ticket Lifetimes
kdc.log file, description, Kerberos Files
kdestroy command
example, Destroying Kerberos Tickets
Kerberos and, Kerberos Commands
KeepAlive keyword, Solaris Secure Shell, Keywords in Solaris Secure Shell
Kerberos
administering, Administering Kerberos Principals and Policies (Tasks)
Administration Tool
See SEAM Tool
commands
Kerberos User Commands
Kerberos Commands
components of, Kerberos Components
configuration decisions, Planning for the Kerberos Service
configuring KDC servers, Configuring KDC Servers
daemons, Kerberos Daemons
dfstab file option, How to Set Up a Secure NFS Environment With Multiple Kerberos Security Modes
enabling Kerberized applications only, How to Enable Only Kerberized Applications
encryption types
overview, Kerberos Encryption Types
using, Using Kerberos Encryption Types
error messages, Kerberos Error Messages
examples of using Kerberized commands, Using Kerberized Commands (Examples)
files, Kerberos Files
gaining access to server, Gaining Access to a Service Using Kerberos
granting access to your account, Granting Access to Your Account
Kerberos V5 protocol, What Is the Kerberos Service?
online help, Online Help URL in the Graphical Kerberos Administration Tool
options to Kerberized commands, Overview of Kerberized Commands
overview
authentication system
How the Kerberos Service Works
How the Kerberos Authentication System Works
Kerberized commands, Overview of Kerberized Commands
password management, Kerberos Password Management
planning for, Planning for the Kerberos Service
realms
See realms (Kerberos)
reference, The Kerberos Service (Reference)
remote applications, The Kerberos Remote Applications
table of network command options, Overview of Kerberized Commands
terminology
Kerberos Terminology
Kerberos-Specific Terminology
troubleshooting, Kerberos Troubleshooting
using, Using Kerberos Applications (Tasks)
Kerberos authentication
and Secure RPC, Kerberos Authentication
dfstab file option, How to Set Up a Secure NFS Environment With Multiple Kerberos Security Modes
Kerberos commands, Kerberos User Commands
enabling only Kerberized, How to Enable Only Kerberized Applications
examples, Using Kerberized Commands (Examples)
kern.notice entry, syslog.conf file, Preventing Executable Files From Compromising Security
kernel providers, listing, How to List Available Providers
Key Distribution Center, See KDC
key management framework (KMF), See KMF
KEYBOARD_ABORT system variable, How to Disable a System's Abort Sequence
keylogin command
use for Secure RPC, Implementation of Diffie-Hellman Authentication
verifying DH authentication setup, How to Set Up a Diffie-Hellman Key for an NIS+ Host
KeyRegenerationInterval keyword, sshd_config file, Keywords in Solaris Secure Shell
keys
creating DH key for NIS user, How to Set Up a Diffie-Hellman Key for an NIS User
creating for Solaris Secure Shell, How to Generate a Public/Private Key Pair for Use With Solaris Secure Shell
definition in Kerberos, Authentication-Specific Terminology
generating for Solaris Secure Shell, How to Generate a Public/Private Key Pair for Use With Solaris Secure Shell
generating symmetric key
using the dd command, How to Generate a Symmetric Key by Using the dd Command
using the pktool command, How to Generate a Symmetric Key by Using the pktool Command
service key, Administering Keytab Files
session keys
Kerberos authentication and, How the Kerberos Authentication System Works
using for MAC, How to Compute a MAC of a File
keyserv daemon, How to Restart the Secure RPC Keyserver
keyserver
description, Implementation of Diffie-Hellman Authentication
starting, How to Restart the Secure RPC Keyserver
keystores
exporting certificates, How to Export a Certificate and Private Key in PKCS #12 Format
importing certificates, How to Import a Certificate Into Your Keystore
listing contents, How to Create a Certificate by Using the pktool gencert Command
managed by KMF, Key Management Framework Utilities
protecting with password in KMF, How to Generate a Passphrase by Using the pktool setpin Command
supported by KMF
Managing Public Key Technologies
KMF Keystore Management
keytab file
adding master KDC's host principal to
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
adding service principal to
Administering Keytab Files
How to Add a Kerberos Service Principal to a Keytab File
administering, Administering Keytab Files
administering with ktutil command, Administering Keytab Files
creating
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
disabling a host's service with delete_entry command, How to Temporarily Disable Authentication for a Service on a Host
read into keytab buffer with read_kt command
How to Display the Keylist (Principals) in a Keytab File
How to Temporarily Disable Authentication for a Service on a Host
removing principals with ktremove command, How to Remove a Service Principal From a Keytab File
removing service principal from, How to Remove a Service Principal From a Keytab File
viewing contents with ktutil command
How to Remove a Service Principal From a Keytab File
How to Display the Keylist (Principals) in a Keytab File
viewing keylist buffer with list command
How to Display the Keylist (Principals) in a Keytab File
How to Temporarily Disable Authentication for a Service on a Host
keytab option, SASL and, SASL Options
keywords
See also specific keyword
attribute in BART, Rules File Attributes
command-line overrides in Solaris Secure Shell, Solaris Secure Shell Commands
Solaris Secure Shell, Keywords in Solaris Secure Shell
kgcmgr command, description, Kerberos Commands
kinit command
example, Creating a Kerberos Ticket
-F option, Creating a Kerberos Ticket
Kerberos and, Kerberos Commands
ticket lifetime, Ticket Lifetimes
klist command
example, Viewing Kerberos Tickets
-f option, Viewing Kerberos Tickets
Kerberos and, Kerberos Commands
KMF
creating
passphrases for keystores, KMF Keystore Management
password for keystore, How to Generate a Passphrase by Using the pktool setpin Command
self-signed certificate, How to Create a Certificate by Using the pktool gencert Command
exporting certificates, How to Export a Certificate and Private Key in PKCS #12 Format
importing certificates into keystore, How to Import a Certificate Into Your Keystore
keystores
Managing Public Key Technologies
KMF Keystore Management
library, Managing Public Key Technologies
managing
keystores, KMF Keystore Management
PKI policy, KMF Policy Management
public key technologies (PKI), Managing Public Key Technologies
utilities, Key Management Framework Utilities
kmfcfg command, Managing Public Key Technologies
known_hosts file
controlling distribution, Maintaining Known Hosts in Solaris Secure Shell
description, Solaris Secure Shell Files
Korn shell, privileged version, Profile Shell in RBAC
kpasswd command
error message, Changing Your Password
example, Changing Your Password
Kerberos and, Kerberos Commands
passwd command and, Changing Your Password
kprop command, description, Kerberos Commands
kpropd.acl file, description, Kerberos Files
kpropd daemon, Kerberos and, Kerberos Daemons
kproplog command, description, Kerberos Commands
krb5.conf file
description, Kerberos Files
domain_realm section, Mapping Host Names Onto Realms
editing
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
ports definition, Ports for the KDC and Admin Services
krb5.keytab file, description, Kerberos Files
krb5cc_uid file, description, Kerberos Files
krb5kdc daemon
Kerberos and, Kerberos Daemons
master KDC and, Kerberos-Specific Terminology
starting
How to Manually Configure a Slave KDC
How to Configure a Slave KDC to Use Full Propagation
ksh command, privileged version, Profile Shell in RBAC
ktadd command
adding service principal
Administering Keytab Files
How to Add a Kerberos Service Principal to a Keytab File
syntax, How to Add a Kerberos Service Principal to a Keytab File
ktkt_warnd daemon, Kerberos and, Kerberos Daemons
ktremove command, How to Remove a Service Principal From a Keytab File
ktutil command
administering keytab file, Administering Keytab Files
delete_entry command, How to Temporarily Disable Authentication for a Service on a Host
Kerberos and, Kerberos Commands
list command
How to Display the Keylist (Principals) in a Keytab File
How to Temporarily Disable Authentication for a Service on a Host
read_kt command
How to Display the Keylist (Principals) in a Keytab File
How to Temporarily Disable Authentication for a Service on a Host
viewing list of principals
How to Remove a Service Principal From a Keytab File
How to Display the Keylist (Principals) in a Keytab File