How to Set Up a Diffie-Hellman Key for an NIS+ User (System Administration Guide: Security Services)

System Administration Guide: Security Services

How to Set Up a Diffie-Hellman Key for an NIS+ User

This procedure should be done on every user in the NIS+ domain.

Assume the Primary Administrator role, or become superuser.

The Primary Administrator role includes the Primary Administrator profile. To create the role and assign the role to a user, see Chapter 2, Working With the Solaris Management Console (Tasks), in System Administration Guide: Basic Administration.

Add the user to the cred table on the root master server.

Type the following command:
# nisaddcred -p unix.UID@domain-name -P username.domain-name. des
Note that, in this case, the username.domain-name must end with a dot (.).

Verify the setup by logging in as the client and typing the keylogin command.

Example 16–2 Setting Up a New Key for an NIS+ User

In the following example, a key for Diffie-Hellman authentication is given to the user jdoe.

# nisaddcred -p unix.1234@example.com -P jdoe.example.com. des
DES principal name : unix.1234@example.com
Adding new key for unix.1234@example.com (jdoe.example.com.)
Password:       <Type password>
Retype password:<Retype password>
# rlogin rootmaster -l jdoe
% keylogin
Password:       <Type password>
%

© 2010, Oracle Corporation and/or its affiliates