JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Trusted Extensions Configuration and Administration     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

Part I Initial Configuration of Trusted Extensions

1.  Security Planning for Trusted Extensions

2.  Configuration Roadmap for Trusted Extensions

3.  Adding the Trusted Extensions Feature to Oracle Solaris (Tasks)

4.  Configuring Trusted Extensions (Tasks)

5.  Configuring LDAP for Trusted Extensions (Tasks)

Part II Administration of Trusted Extensions

6.  Trusted Extensions Administration Concepts

7.  Trusted Extensions Administration Tools

8.  Security Requirements on a Trusted Extensions System (Overview)

9.  Performing Common Tasks in Trusted Extensions

10.  Users, Rights, and Roles in Trusted Extensions (Overview)

11.  Managing Users, Rights, and Roles in Trusted Extensions (Tasks)

12.  Remote Administration in Trusted Extensions (Tasks)

Remote Administration in Trusted Extensions

Methods for Administering Remote Systems in Trusted Extensions

Configuring and Administering Remote Systems in Trusted Extensions (Task Map)

Enable Remote Administration of a Remote Trusted Extensions System

How to Configure a Trusted Extensions System With Xvnc for Remote Access

How to Log In and Administer a Remote Trusted Extensions System

13.  Managing Zones in Trusted Extensions

14.  Managing and Mounting Files in Trusted Extensions

15.  Trusted Networking (Overview)

16.  Managing Networks in Trusted Extensions (Tasks)

17.  Trusted Extensions and LDAP (Overview)

18.  Multilevel Mail in Trusted Extensions (Overview)

19.  Managing Labeled Printing (Tasks)

20.  Devices in Trusted Extensions (Overview)

21.  Managing Devices for Trusted Extensions (Tasks)

22.  Trusted Extensions Auditing (Overview)

23.  Software Management in Trusted Extensions

A.  Site Security Policy

Creating and Managing a Security Policy

Site Security Policy and Trusted Extensions

Computer Security Recommendations

Physical Security Recommendations

Personnel Security Recommendations

Common Security Violations

Additional Security References

B.  Configuration Checklist for Trusted Extensions

Checklist for Configuring Trusted Extensions

C.  Quick Reference to Trusted Extensions Administration

Administrative Interfaces in Trusted Extensions

Oracle Solaris Interfaces Extended by Trusted Extensions

Tighter Security Defaults in Trusted Extensions

Limited Options in Trusted Extensions

D.  List of Trusted Extensions Man Pages

Trusted Extensions Man Pages in Alphabetical Order

Oracle Solaris Man Pages That Are Modified by Trusted Extensions

Glossary

Index

Methods for Administering Remote Systems in Trusted Extensions

In Trusted Extensions, you must use the Secure Shell protocol with host-based authentication to reach and administer the remote system. Host-based authentication enables an identically-named user account to assume a role on the remote Trusted Extensions.

When host-based authentication is used, the Secure Shell client sends both the original username and the role name to the remote system, the server. With this information, the server can pass sufficient content to the pam_roles module to enable role assumption without the user account logging in to the server.

The following methods of remote administration are possible in Trusted Extensions:

In either administrative scenario, to use the root role for remote login, you must relax PAM policy by specifying the allow_remote option for the pam_roles module.

Typically, administrators use the ssh command to administer remote systems from the command line. With the -X option, Trusted Extensions administrative GUIs can be used.

Also, you can configure the remote Trusted Extensions with the Xvnc server. Then, a Virtual Network Computing (VNC) connection can be used to display the remote multilevel desktop and administer the system. See How to Configure a Trusted Extensions System With Xvnc for Remote Access.