S (System Administration Guide: Security Services)

System Administration Guide: Security Services


S

	`-s`
		`audit` command ( )
		`praudit` command ( )

	`-S` option of st_clean script ( )

	`sac` service name, PAM ( )

	`sample` module, description ( )

	saving, failed login attempts ( )

	scheduling ASET execution (`PERIODIC_SCHEDULE`) ( ) ( ) ( ) ( ) ( )

	scope, description ( )

	`scp` command
		authentication steps ( )
		description ( )
		using ( )

	script
		securing ( )
		testing for authorizations ( )

	SCSI devices, st_clean script ( )

	SEAM
		administering ( )
		Administration Tool ( )
		and Kerberos V5 ( ) ( )
		commands ( )
		components of ( )
		configuration decisions ( )
		configuring KDC servers ( )
		daemons ( )
		files ( )
		gaining access to server ( )
		online help ( )
		overview ( )
		overview of authentication ( )
		password management ( )
		planning for ( )
		reference ( )
		terminology ( )
		using ( )

	SEAM Administration Tool ( )
		and limited administration privileges ( )
		and list privileges ( )
		and X Window system ( )
		command-line equivalents ( )
		context-sensitive help ( )
		creating a new principal ( )
		creating new policy ( ) ( )
		default values ( )
		deleting a principal ( )
		deleting policies ( )
		displaying sublist of principals ( )
		duplicating a principal ( )
		files modified by ( )
		Filter Pattern field ( )
		`gkadmin` command ( )
		`gkadmin` command vs. `kadmin` ( ) ( )
		`.gkadmin` file ( )
		help (print) ( )
		Help button ( )
		Help Contents ( )
		how affected by privileges ( )
		`kadmin` command vs. `gkadmin` ( ) ( )
		login window ( )
		modifying a principal ( )
		modifying policies ( )
		online help ( )
		panel descriptions ( )
		privileges ( )
		setting up principal defaults ( )
		starting ( )
		table of panels ( )
		viewing a principal's attributes ( )
		viewing list of policies ( )
		viewing list of principals ( )
		viewing policy attributes ( )
		vs. `kadmin` command ( )

	searching
		files with `setuid` permissions ( ) ( )

	secondary audit directory ( )

	secret key
		changing ( )
		database ( )
		decrypting ( )
		generating ( )

	secure access ( )

	secure NIS+, adding a user ( )

	Secure RPC ( )
		implementation of ( )

	Secure RPC authentication ( )

	Secure Shell
		administering ( )
		authentication ( )
		authentication steps ( )
		configuring ( )
		configuring clients ( )
		connecting outside firewall
			from command line ( )
			from configuration file ( )
		copying files ( )
		creating keys ( )
		description ( )
		forwarding mail ( )
		important files ( )
		local port forwarding ( ) ( )
		logging in ( )
		naming identity files ( )
		port forwarding ( )
		protocol versions ( )
		public key ( )
		remote port forwarding ( )
		transferring files ( )
		typical session ( )
		user task map ( )
		using without password ( )

	securing
		against denial of service ( )
		against Trojan horse ( )
		hardware ( )
		PROM ( )
		system
			task map ( )

	securing legacy applications, description ( )

	securing scripts, description ( )

	security
		auditing and ( )
		DH authentication
			AUTH_DH client-server session ( ) ( )
		KERB authentication ( )
		password encryption ( )

	security commands
		`eeprom` command ( ) ( )

	security mode, setting up environment with multiple ( )

	security service
		in SEAM ( )
		integrity ( )
		privacy ( )

	`seq` audit policy
		description ( )
		`seq` token and ( )

	`seq` policy, `seq` token and ( )

	`seq` token
		format ( )
		`seq` policy and ( )

	server authentication parameters, `sshd_config` file ( )

	`ServerKeyBits` keyword, `sshd_config` file ( )

	servers
		and realms ( )
		AUTH_DH client-server session ( ) ( )
		configuring for Secure Shell ( )
		definition in SEAM ( )
		gaining access with SEAM ( )
		obtaining credential for ( )

	service
		definition in SEAM ( )
		disabling on a host ( )
		obtaining access for specific service ( )

	service key ( )
		definition in SEAM ( )

	service names, PAM ( )

	service principal
		adding to keytab file ( ) ( )
		description ( )
		planning for names ( )
		removing from keytab file ( )

	session ID ( )

	session key
		definition in SEAM ( )
		SEAM authentication and ( )

	`-setclass` option, `auditconfig` command ( )

	`-setcond` option, `auditconfig` command ( )

	`setenv` command
		ASET security level specification ( )
		ASET working directory specification ( )

	`setfacl` command
		adding ACL entries ( )
		deleting ACL entries ( )
		description ( )
		examples ( ) ( )
		modifying ACL entries ( )
		setting ACL entries ( ) ( )
		syntax ( )

	`setgid` permissions
		absolute mode ( ) ( )
		description ( ) ( )
		symbolic mode ( )

	`-setpmask` option of `auditconfig` comman, `auditconfig` command ( )

	`-setpolicy` option, `auditconfig` command ( )

	`-setsmask` option, `auditconfig` command ( )

	setting IDs on commands
		description ( )
		task description ( )

	setting up principal defaults ( )

	`setuid` permissions
		absolute mode ( ) ( )
		description ( )
		finding files with permissions set ( ) ( )
		security risks ( ) ( )
		symbolic mode ( )

	`-setumask` option, `auditconfig` command ( )

	`sftp` command
		authentication steps ( )
		description ( )
		using ( )

	`sh` command ( )
		privileged version ( )

	`share` command, restricting `root` access ( )

	sharing files (network security) ( )

	shell, privileged versions ( )

	shell commands, `/etc/d_passwd` file entries ( )

	shell programs
		ASET security level specification ( )
		ASET working directory specification ( )

	short praudit output format ( )

	`shosts.equiv` file, description ( )

	`.shosts` file, description ( )

	signal received during auditing shutdown ( )

	single-sign-on system, SEAM and ( )

	size
		reducing audit files ( )
			`auditreduce` command ( )
			auditreduce command ( )
		reducing storage-space requirements for audit files ( )

	`slave_datatrans` file ( )
		description ( )

	slave KDCs
		adding names to cron job ( )
		configuring ( )
		definition ( )
		master KDC and ( )
		or master ( )
		planning for ( )
		swapping with master KDC ( )

	`smartcard` module, description ( )

	`smattrpop` command, description ( )

	SMC
		See Solaris Management Console

	`smexec` command, description ( )

	`smmultiuser` command, description ( )

	`smprofile` command, description ( )

	`smrole` command, description ( )

	`smuser` command, description ( )

	`socket` token ( )

	soft limit
		`audit_warn` condition ( )
		`minfree:` line description ( )

	soft string with `audit_warn` script ( )

	Solaris Management Console
		role assumption ( )
		running the user tools ( )

	`sr_clean` script, description ( )

	`ssh-add` command
		description ( )
		example ( ) ( )

	`ssh-agent` command
		description ( )
		from command line ( )
		in scripts ( )

	`ssh` command
		authentication steps ( )
		description ( )
		`-L` option ( )
		`-o` option ( )
		permitting access ( )
		port forwarding ( )
		`-R` option ( )
		using ( )

	`ssh_config` file
		client authentication parameters ( )
		configuring Secure Shell ( )
		connection parameters ( )
		host-specific parameters ( )
		keywords
			See specific keyword
		known host file parameters ( )

	`ssh_host_key` file, description ( )

	`ssh_host_key.pub` file, description ( )

	`ssh-keygen` command
		description ( )
		using ( )

	`ssh_known_hosts` file
		configuring Secure Shell ( )
		description ( )

	`ssh` service name, PAM ( )

	`sshd` command
		configuring for forwarding ( )
		description ( )
		session controls ( )

	`sshd_config` file
		description ( )
		forwarding parameters ( )
		ports parameters ( )
		server connection parameters ( )
		session control parameters ( )

	`sshd.pid` file, description ( )

	`sshrc` file, description ( )

	`st_clean` script, description ( )

	st_clean script for tape drives ( )

	stacking, in PAM ( )

	standard cleanup ( )

	starting
		ASET
			initiating sessions from shell ( )
			running interactively ( )
		KDC daemon ( )

	stash file
		creating ( )
		definition ( )

	sticky bit permissions
		absolute mode ( ) ( )
		description ( )
		symbolic mode ( )

	stopping, dial-up logins temporarily ( )

	storage, audit records and ( )

	storage costs, BSM and ( )

	storage overflow prevention, audit trail ( )

	`StrictHostKeyChecking` keyword, `ssh_config` file ( )

	`StrictModes` keyword, `sshd_config` file ( )

	`su` command
		displaying use on console ( )
		in role assumption ( )
		monitoring use ( )

	`su` file, monitoring `su` command ( )

	`su` service name, PAM ( )

	`subject` token, format ( )

	`Subsystem` keyword, `sshd_config` file ( )

	success
		audit flag prefix ( ) ( )
		turning off audit flags for ( )

	`sufficient` control flag, PAM ( )

	`sulog` file ( )

	superuser
		eliminating superuser in RBAC ( )
		model versus RBAC ( )

	`suser`, security policy ( )

	swapping master and slave KDCs ( )

	symbolic links
		file permissions ( )
		latest directory (ASET) ( )

	symbolic mode
		changing file permissions ( ) ( ) ( )
		description ( )

	synchronizing clocks ( ) ( ) ( )

	`sysconf.rpt` file
		description ( ) ( )

	`SyslogFacility` keyword, `sshd_config` file ( )

	System Administrator
		rights profile ( ) ( ) ( )
		role ( )

	system calls
		`arg` token ( )
		`auditsvc()` fails ( )
		`auditsvc()` fails ( )
		close ( )
		event numbers ( )
		`exec_args` token ( )
		`exec_env` token ( )
		ioctl ( ) ( )
		`return` token ( )

	system security
		dial-up login restrictions ( )
		dial-up passwords
			disabling dial-up logins temporarily ( )
			`/etc/d_passwd` file ( )
		displaying
			user's login status ( ) ( )
			users with no passwords ( )
		firewall systems ( )
		hardware protection ( ) ( )
		introduction ( )
		login access restrictions ( ) ( )
		machine access ( )
		overview ( )
		password encryption ( )
		passwords ( )
		restricted shell ( ) ( )
		restricting `root` login to console ( )
		role-based access control ( )
		`root` access restrictions ( ) ( )
		saving failed login attempts ( )
		special logins ( ) ( )
		`su` command monitoring ( ) ( )

	System V IPC
		ipc audit class ( )
		`ipc_perm` token ( )
		`ipc` token ( ) ( )

	systems
		security
			ACL ( )