Skip Navigation Links | |
Exit Print View | |
System Administration Guide: Naming and Directory Services (NIS+) |
Part I About Naming and Directory Services
Part II NIS+ Setup and Configuration
4. Configuring NIS+ With Scripts
5. Setting Up the NIS+ Root Domain
8. Configuring an NIS+ Non-Root Domain
10. NIS+ Tables and Information
12. Administering NIS+ Credentials
14. Administering Enhanced NIS+ Security Credentials
Configuring NIS+ Security Mechanisms
Creating New NIS+ Security Mechanism Credentials
New NIS+ Security Mechanism Credentials - Example
Adding New Keys to NIS+ Directory Objects
Adding New Public Keys to NIS+ Directory Objects - Example
Configuring NIS+ Servers to Accept New Security Mechanism Credentials
Configuring NIS+ Servers to Accept New Security Mechanism Credentials - Example
Configuring NIS+ Machines to Use New Security Mechanism Credentials
Configuring NIS+ Machines to Use New Security Mechanism Credentials - Examples
Manually Refresh NIS+ Directory Objects - Example NETNAMER
Changing the Password Protecting New NIS+ Credentials
Change Password Protecting New NIS+ Credentials - Example
Configuring NIS+ Servers to Accept Only New Security Mechanism Credentials
Configuring NIS+ Servers to Accept Only New Security Mechanism Credentials - Example
Removing Old Credentials From the NIS+ cred Table
Removing Old Credentials From the NIS+ cred Table - Example
15. Administering NIS+ Access Rights
16. Administering NIS+ Passwords
18. Administering NIS+ Directories
20. NIS+ Server Use Customization
23. Information in NIS+ Tables
Common NIS+ Namespace Error Messages
The more stringent security mechanisms of the public key cryptography family such as Diffie-Hellman 640 bit (dh640-0) will require new credentials for each principal to be added to the existing cred table. The procedure outlined below is for a system currently running with Diffie-Hellman 192 bit (RPC security flavor AUTH_DH) security that will be converted to running with Diffie-Hellman 640 bit (RPC security flavor RPCSEC_GSS) security. Although this transition document highlights the most likely case, the principles are the same for converting from any one security mechanism type of the public key cryptography family to another security mechanism of the public key cryptography family.
Note - The following example assumes that $PATH includes /usr/lib/nis.