SEAM Commands
This section lists some of the commands included in the SEAM product.
Table 7-2 SEAM Commands|
File Name |
Description |
|---|---|
|
/usr/krb5/bin/ftp |
Kerberized File Transfer Protocol program |
|
/usr/krb5/bin/kdestroy |
Destroys Kerberos tickets |
|
/usr/krb5/bin/kinit |
Obtains and caches Kerberos ticket-granting ticket |
|
/usr/krb5/bin/klist |
Lists current Kerberos tickets |
|
/usr/krb5/bin/kpasswd |
Changes Kerberos passwords |
|
/usr/krb5/bin/rcp |
Kerberized remote file copy program |
|
/usr/krb5/bin/rlogin |
Kerberized remote login program |
|
/usr/krb5/bin/rsh |
Kerberized remote shell program |
|
/usr/krb5/bin/telnet |
Kerberized telnet program |
|
/usr/krb5/lib/kprop |
Kerberos database propagation program |
|
/usr/krb5/sbin/gkadmin |
Kerberos database administration GUI program; used to manage principals and policies |
|
/usr/krb5/sbin/kadmin |
Remote Kerberos database administration program (run with Kerberos authentication); used to manage principals, policies, and keytab files |
|
/usr/krb5/sbin/kadmin.local |
Local Kerberos database administration program (run without Kerberos authentication; must be run on master KDC); used to manage principals, policies, and keytab files |
|
/usr/krb5/sbin/kdb5_util |
Creates Kerberos databases and stash files |
|
/usr/krb5/bin/ktutil |
Keytab maintenance utility |
|
/usr/sbin/gsscred |
Generates and validates GSS-API tokens for NFS services |
Changes to the share Command
In addition to the new SEAM commands, the SEAM product includes changes to the share command that has been delivered for both the Solaris 2.6 and the Solaris 7 release. Three new security modes can be used by the share command:
- krb5
-
Select Kerberos authentication
- krb5i
-
Select Kerberos authentication with integrity
- krb5p
-
Select Kerberos authentication with integrity and privacy
When multiple modes are included with the share command, the first mode listed is used by default if the client does not specify a security mode. Otherwise, the mode that the client selected is used.
If a mount request using a Kerberos mode fails, the mount completes using none as the security mode. This often occurs when the root principal on the NFS client is not authenticated. The mount request might succeed, but the user will be unable to access the files unless they are authenticated through Kerberos. Any transactions between the client and the server require Kerberos authentication, even if the file system is not mounted using a Kerberos security mode.
- © 2010, Oracle Corporation and/or its affiliates