System Administration Guide: Security Services

ProcedureHow to Set Up a Diffie-Hellman Key for an NIS+ User

This procedure should be done on every user in the NIS+ domain.

  1. Assume the Primary Administrator role, or become superuser.

    The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

  2. Add the user to the cred table on the root master server.

    Type the following command:

    # nisaddcred -p unix.UID@domain-name -P username.domain-name. des

    Note that, in this case, the username.domain-name must end with a dot (.).

  3. Verify the setup by logging in as the client and typing the keylogin command.

Example 16–2 Setting Up a New Key for an NIS+ User

In the following example, a key for Diffie-Hellman authentication is given to the user jdoe.

# nisaddcred -p -P des
DES principal name :
Adding new key for (
Password:       <Type password>
Retype password:<Retype password>
# rlogin rootmaster -l jdoe
% keylogin
Password:       <Type password>