JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris 11.1 Administration: Security Services     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information


Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Virus Scanning Service (Tasks)

5.  Controlling Access to Devices (Tasks)

6.  Verifying File Integrity by Using BART (Tasks)

7.  Controlling Access to Files (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Security Attributes in Oracle Solaris (Reference)

Part IV Cryptographic Services

11.  Cryptographic Framework (Overview)

12.  Cryptographic Framework (Tasks)

13.  Key Management Framework

Part V Authentication Services and Secure Communication

14.  Using Pluggable Authentication Modules

15.  Using Secure Shell

Secure Shell (Overview)

Secure Shell Authentication

Secure Shell in the Enterprise

Secure Shell and the OpenSSH Project

Secure Shell and FIPS-140

Configuring Secure Shell (Tasks)

Configuring Secure Shell (Task Map)

How to Set Up Host-Based Authentication for Secure Shell

How to Configure Port Forwarding in Secure Shell

How to Create User and Host Exceptions to Secure Shell Defaults

How to Create an Isolated Directory for sftp Files

Using Secure Shell (Tasks)

Using Secure Shell (Task Map)

How to Generate a Public/Private Key Pair for Use With Secure Shell

How to Change the Passphrase for a Secure Shell Private Key

How to Log In to a Remote Host With Secure Shell

How to Reduce Password Prompts in Secure Shell

How to Remotely Administer ZFS With Secure Shell

How to Use Port Forwarding in Secure Shell

How to Copy Files With Secure Shell

How to Set Up Default Secure Shell Connections to Hosts Outside a Firewall

16.  Secure Shell (Reference)

17.  Using Simple Authentication and Security Layer

18.  Network Services Authentication (Tasks)

Part VI Kerberos Service

19.  Introduction to the Kerberos Service

20.  Planning for the Kerberos Service

21.  Configuring the Kerberos Service (Tasks)

22.  Kerberos Error Messages and Troubleshooting

23.  Administering Kerberos Principals and Policies (Tasks)

24.  Using Kerberos Applications (Tasks)

25.  The Kerberos Service (Reference)

Part VII Auditing in Oracle Solaris

26.  Auditing (Overview)

27.  Planning for Auditing

28.  Managing Auditing (Tasks)

29.  Auditing (Reference)



Secure Shell and FIPS-140

Oracle Solaris provides a FIPS-140 option for the server side and the client side. FIPS mode, where Secure Shell uses the FIPS-140 mode of OpenSSL, is not the default. You can invoke FIPS mode on the command line, as in ssh -o "UseFIPS140 yes" remote-host. As an alternative, you can set a keyword in the configuration files.

Briefly, the implementation consists of the following:

For more information about FIPS operations in Secure Shell, see the sshd(1M), sshd_config(4), ssh(1), and ssh_config(4) man pages.

When you use a Sun Crypto Accelerator 6000 card for Secure Shell operations, Secure Shell runs with FIPS-140 support at Level 3. Level 3 hardware is certified to resist physical tampering, use identity-based authentication, and isolate the interfaces that handle critical security parameters from the hardware's other interfaces.