System Administration Guide: Security Services

ProcedureHow to Set Up a Diffie-Hellman Key for an NIS Host

This procedure should be done on every host in the NIS domain.

  1. Assume the Primary Administrator role, or become superuser.

    The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Enable the publickey map in the name service.

    Add the following line to the /etc/nsswitch.conf file:

    publickey: nis
  3. Create a new key pair by using the newkey command.

    # newkey -h hostname

    where hostname is the name of the client.

Example 16–3 Setting Up a New Key for root on an NIS Client

In the following example, earth is set up as a secure NIS client.

# newkey -h earth
Adding new key for
New Password:   <Type password>
Retype password:<Retype password>
Please wait for the database to get updated...
Your new key has been successfully stored away.