SEAM 1.0 Components

Similar to the MIT distribution of Kerberos V5, SEAM includes the following:

• Key Distribution Center (KDC) (master):

  • Kerberos database administration daemon – kadmind

  • Kerberos ticket processing daemon – krb5kdc

• Slave KDCs

• Database administration programs – kadmin and kadmin.local

• Database propagation software – kprop

• User programs for obtaining, viewing, and destroying tickets – kinit, klist, kdestroy – and for changing your SEAM password – kpasswd

• Applications – ftp, rcp, rlogin, rsh, and telnet – and daemons for these applications – ftpd, rlogind, rshd and telnetd

• Administration utilities – ktutil, kdb5_util

• Several libraries

In addition, SEAM includes the following:

• SEAM Administration Tool (gkadmin) – Allows you to administer the KDC. This Java^TM technology-based GUI allows an administrator to perform the tasks that are usually performed through the kadmin command.

• The Pluggable Authentication Module (PAM) – Allows applications to use various authentication mechanisms. PAM can be used to make login and logouts transparent to the user.

• A utility (gsscred) and a daemon (gssd) – These programs help map UNIX user IDs (UIDs) to principal names. These programs are needed because SEAM NFS servers use UNIX UIDs to identify users and not principal names, which are stored in a different format.

• The Generic Security Service Application Programming Interface (GSS-API) – Allows applications to use multiple security mechanisms without having to recompile the application every time a new mechanism is added. Because GSS-API is machine-independent, it is appropriate for applications on the Internet. GSS-API provides applications with the ability to include the integrity and privacy security services, as well as authentication.

• The RPCSEC_GSS Application Programming Interface (API) – Allows NFS services to use Kerberos authentication. RPCSEC_GSS is a new security flavor that provides security services that are independent of the mechanisms being used. RPCSEC_GSS sits “on top” of the GSS-API layer. Any pluggable GSS_API-based security mechanism can be used by applications that use RPCSEC_GSS.

• A preconfiguration procedure – Allows you to set the parameters for installing and configuring SEAM, which make SEAM installation automatic. This procedure is especially useful for multiple installations.

• Kernel modifications – Allows for faster performance.