This section lists some of the commands included in the SEAM product.
Table 23-2 SEAM Commands
File Name |
Description |
---|---|
/usr/bin/kdestroy |
Destroys Kerberos tickets |
/usr/bin/kinit |
Obtains and caches Kerberos ticket-granting ticket |
/usr/bin/klist |
Lists current Kerberos tickets |
/usr/bin/kpasswd |
Changes Kerberos passwords |
/usr/bin/ktutil |
Keytab maintenance utility |
/usr/sbin/gsscred |
Generates and validates GSS-API tokens for NFS services |
In addition to the new SEAM commands, the Solaris 8 release includes new security flavors to be used with the share command. These modes are defined in the /etc/nfssec.conf file. These new security modes can be used by the share command:
Select Kerberos authentication
Select Kerberos authentication with integrity
Select Kerberos authentication with integrity and privacy
When multiple modes are included with the share command, the first mode listed is used by default if the client does not specify a security mode. Otherwise, the mode that the client selected is used.
If a mount request using a Kerberos mode fails, the mount completes using none as the security mode. This often occurs when the root principal on the NFS client is not authenticated. The mount request might succeed, but the user will be unable to access the files unless they are authenticated through Kerberos. Any transactions between the client and the server require Kerberos authentication, even if the file system is not mounted using a Kerberos security mode.