JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Oracle Solaris 11.1 Administration: Security Services     Oracle Solaris 11.1 Information Library
search filter icon
search icon

Document Information

Preface

Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Virus Scanning Service (Tasks)

5.  Controlling Access to Devices (Tasks)

6.  Verifying File Integrity by Using BART (Tasks)

7.  Controlling Access to Files (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Security Attributes in Oracle Solaris (Reference)

Part IV Cryptographic Services

11.  Cryptographic Framework (Overview)

12.  Cryptographic Framework (Tasks)

13.  Key Management Framework

Part V Authentication Services and Secure Communication

14.  Using Pluggable Authentication Modules

15.  Using Secure Shell

16.  Secure Shell (Reference)

17.  Using Simple Authentication and Security Layer

18.  Network Services Authentication (Tasks)

Part VI Kerberos Service

19.  Introduction to the Kerberos Service

20.  Planning for the Kerberos Service

21.  Configuring the Kerberos Service (Tasks)

22.  Kerberos Error Messages and Troubleshooting

23.  Administering Kerberos Principals and Policies (Tasks)

24.  Using Kerberos Applications (Tasks)

25.  The Kerberos Service (Reference)

Part VII Auditing in Oracle Solaris

26.  Auditing (Overview)

27.  Planning for Auditing

28.  Managing Auditing (Tasks)

29.  Auditing (Reference)

Glossary

Index

Numbers and Symbols

A

B

C

D

E

F

G

H

I

K

L

M

N

O

P

Q

R

S

T

U

V

W

X

Z

R

-R option
bart create
index iconHow to Create a Control Manifest
index iconHow to Compare Manifests for the Same System Over Time
ssh command, index iconHow to Use Port Forwarding in Secure Shell
-r option
bart create, index iconHow to Compare Manifests for the Same System Over Time
passwd command, index iconManaging Password Information
random numbers, pktool command, index iconHow to Generate a Symmetric Key by Using the pktool Command
RBAC
adding privileged users, index iconHow to Change the Security Attributes of a User
adding roles, index iconHow to Create a Role
administration commands, index iconCommands That Manage RBAC
audit profiles, index iconRights Profiles for Administering Auditing
auditing roles, index iconHow to Audit Roles
authorization database, index iconauth_attr Database
authorizations, index iconRBAC Authorizations
basic concepts, index iconRBAC Elements and Basic Concepts
changing role passwords, index iconHow to Change the Password of a Role
checking scripts or programs for authorizations, index iconHow to Add RBAC Properties to Legacy Applications
commands for managing, index iconCommands That Manage RBAC
compared to superuser model, index iconRBAC: An Alternative to the Superuser Model
configuring, index iconCustomizing RBAC for Your Site (Tasks)
creating authorizations, index iconHow to Create an Authorization
creating rights profiles, index iconHow to Create a Rights Profile
databases, index iconRBAC Databases
defaults, index iconViewing and Using RBAC Defaults (Tasks)
elements, index iconRBAC Elements and Basic Concepts
gaining administrative rights, index iconHow to Use Your Assigned Administrative Rights
modifying roles, index iconHow to Change the Security Attributes of a Role
modifying users, index iconHow to Change the Security Attributes of a User
naming services and, index iconRBAC Databases and the Naming Services
planning, index iconHow to Plan Your RBAC Implementation
profile shells, index iconProfile Shells and RBAC
restricting rights, index iconHow to Restrict an Administrator to Explicitly Assigned Rights
rights profile database, index iconprof_attr Database
rights profiles, index iconRBAC Rights Profiles
securing scripts, index iconHow to Add RBAC Properties to Legacy Applications
troubleshooting, index iconHow to Troubleshoot RBAC and Privilege Assignment
using user password to assume role
index iconHow to Reorder Assigned Security Attributes
index iconHow to Enable a User to Use Own Password to Assume a Role
viewing all RBAC security attributes, index iconHow to View All Defined Security Attributes
viewing your rights, index iconHow to View Your Assigned Rights
RC4, See ARCFOUR kernel provider
rcp command
Kerberos and
index iconOverview of Kerberized Commands
index iconKerberos Commands
rd audit event modifier, index iconheader Token
read_kt command
index iconHow to Display the Keylist (Principals) in a Keytab File
index iconHow to Temporarily Disable Authentication for a Service on a Host
read permissions, symbolic mode, index iconFile Permission Modes
readable audit record format, converting audit records to, index iconHow to View the Contents of Binary Audit Files
realms (Kerberos)
configuration decisions, index iconPlanning Kerberos Realms
configuring cross-realm authentication, index iconConfiguring Cross-Realm Authentication
contents of, index iconKerberos Servers
direct, index iconHow to Establish Direct Cross-Realm Authentication
hierarchical, index iconHow to Establish Hierarchical Cross-Realm Authentication
hierarchical or nonhierarchical, index iconKerberos Realms
hierarchy, index iconRealm Hierarchy
in principal names, index iconKerberos Principals
mapping host names onto, index iconMapping Host Names Onto Realms
names, index iconRealm Names
number of, index iconNumber of Realms
requesting tickets for specific, index iconOverview of Kerberized Commands
servers and, index iconKerberos Servers
reauth_timeout option, SASL and, index iconSASL Options
redirecting arrow (>), preventing redirection, index iconAssigning a Restricted Shell to Users
reducing
audit files, index iconHow to Merge Audit Files From the Audit Trail
disk space required for audit files, index iconHow to Compress Audit Files on a Dedicated File System
storage-space requirements for audit files, index iconAuditing Efficiently
refreshing
audit service
index iconHow to Refresh the Audit Service
index iconHow to Refresh the Audit Service
index iconHow to Refresh the Audit Service
cryptographic services, index iconHow to Refresh or Restart All Cryptographic Services
registering providers, Cryptographic Framework, index iconPlugins to the Cryptographic Framework
RekeyLimit keyword, ssh_config file, index iconKeywords in Secure Shell
rem_drv command, description, index iconDevice Policy Commands
remote auditing, index iconAudit Terminology and Concepts
remote logins
authentication, index iconAuthentication and Authorization for Remote Access
authorization, index iconAuthentication and Authorization for Remote Access
preventing root access, index iconHow to Restrict and Monitor root Logins
security and, index iconImplementation of Diffie-Hellman Authentication
RemoteForward keyword, ssh_config file, index iconKeywords in Secure Shell
removable media, allocating, index iconHow to Allocate a Device
removing
audit events from audit_event file, index iconHow to Prevent the Auditing of Specific Events
cryptographic providers
index iconHow to Prevent the Use of a User-Level Mechanism
index iconHow to Prevent the Use of a Kernel Software Provider
plugins from KMF, index iconHow to Manage Third-Party Plugins in KMF
principals with ktremove command, index iconHow to Remove a Service Principal From a Keytab File
privileges from basic set, index iconHow to Create a Rights Profile
privileges from limit set, index iconHow to Change the Security Attributes of a User
privileges from limit set in rights profile, index iconHow to Create a Rights Profile
service principal from keytab file, index iconHow to Remove a Service Principal From a Keytab File
software providers
permanently
index iconHow to Prevent the Use of a Kernel Software Provider
index iconHow to Prevent the Use of a Kernel Software Provider
temporarily, index iconHow to Prevent the Use of a Kernel Software Provider
user-specific auditing, index iconHow to Configure a User's Audit Characteristics
renewable ticket, definition, index iconTypes of Tickets
replacing
preselected audit classes, index iconHow to Preselect Audit Classes
superuser with roles, index iconHow to Plan Your RBAC Implementation
replayed transactions, index iconImplementation of Diffie-Hellman Authentication
reporting tool, See bart compare
reports, BART, index iconBART (Overview)
repository, installing third-party providers, index iconHow to Add a Software Provider
required control flag, PAM, index iconHow PAM Stacking Works
requisite control flag, PAM, index iconHow PAM Stacking Works
resource controls
privileges, and, index iconPrivileges and System Resources
project.max-locked-memory, index iconPrivileges and System Resources
zone.max-locked-memory, index iconPrivileges and System Resources
restarting
cryptographic services, index iconHow to Refresh or Restart All Cryptographic Services
ssh service, index iconHow to Configure Port Forwarding in Secure Shell
sshd daemon, index iconHow to Configure Port Forwarding in Secure Shell
restoring, cryptographic providers, index iconHow to Prevent the Use of a Kernel Software Provider
restricted shell (rsh), index iconAssigning a Restricted Shell to Users
restricting
remote root access, index iconHow to Restrict and Monitor root Logins
root access, index iconMonitoring and Restricting root Access (Tasks)
user privileges in an assigned rights profile, index iconHow to Create a Rights Profile
restricting access for KDC servers, index iconHow to Restrict Access to KDC Servers
RETRIES in Secure Shell, index iconSecure Shell and Login Environment Variables
return audit token, format, index iconreturn Token
rewoffl option, mt command, index iconDevice-Clean Scripts
.rhosts file, description, index iconSecure Shell Files
RhostsAuthentication keyword, Secure Shell, index iconKeywords in Secure Shell
RhostsRSAAuthentication keyword, Secure Shell, index iconKeywords in Secure Shell
right, See rights profiles
rights, restricting administrator to explicitly assigned, index iconHow to Restrict an Administrator to Explicitly Assigned Rights
rights profiles
adding privileges to command, index iconHow to Create a Rights Profile
adding solaris.admin.edit authorization, index iconHow to Clone and Modify a System Rights Profile
All, index iconRights Profiles
assigning to trusted users
index iconRBAC: An Alternative to the Superuser Model
index iconHow to Plan Your RBAC Implementation
for audit service, index iconRights Profiles for Administering Auditing
authenticating with user's password
index iconHow to Reorder Assigned Security Attributes
index iconHow to Enable a User to Use Own Password to Assume a Role
Basic Solaris User, index iconRights Profiles
changing contents of, index iconHow to Create a Rights Profile
cloning contents of, index iconHow to Clone and Modify a System Rights Profile
Console User
index iconRights Profiles
index iconOrder of Search for Assigned Security Attributes
contents of typical, index iconRights Profiles
creating for Sun Ray users, index iconHow to Create a Rights Profile
databases
See prof_attr database and exec_attr database
description
index iconRBAC Elements and Basic Concepts
index iconRBAC Rights Profiles
Device Management, index iconDevice Allocation Rights Profiles
Device Security
index iconHow to Enable Device Allocation
index iconDevice Allocation Rights Profiles
major rights profiles descriptions, index iconRights Profiles
modifying
index iconHow to Create a Rights Profile
index iconHow to Clone and Modify a System Rights Profile
Network IPsec Management, index iconHow to Clone and Modify a System Rights Profile
Operator, index iconRights Profiles
order of search, index iconOrder of Search for Assigned Security Attributes
preventing privilege escalation
index iconRBAC: An Alternative to the Superuser Model
index iconHow to Plan Your RBAC Implementation
Printer Management, index iconRights Profiles
removing authorizations, index iconHow to Clone and Modify a System Rights Profile
removing privileges from limit set, index iconHow to Create a Rights Profile
restricting basic privileges, index iconHow to Create a Rights Profile
Stop
index iconRights Profiles
index iconOrder of Search for Assigned Security Attributes
System Administrator, index iconRights Profiles
troubleshooting, index iconHow to Troubleshoot RBAC and Privilege Assignment
using the System Administrator profile, index iconHow to Require a Password for SPARC Hardware Access
viewing contents, index iconViewing the Contents of Rights Profiles
VSCAN Management, index iconHow to Clone and Modify a System Rights Profile
rlogin command
Kerberos and
index iconOverview of Kerberized Commands
index iconKerberos Commands
rlogind daemon, Kerberos and, index iconKerberos Daemons
role-based access control, See RBAC
roleadd command
description
index iconCommands That Manage RBAC
index iconCommands That Manage RBAC
using, index iconHow to Create a Role
roleauth keyword
passwords for roles
index iconHow to Reorder Assigned Security Attributes
index iconHow to Enable a User to Use Own Password to Assume a Role
rolemod command
changing properties of role
index iconHow to Change the Security Attributes of a Role
index iconHow to Restrict an Administrator to Explicitly Assigned Rights
description, index iconCommands That Manage RBAC
passwords for roles
index iconHow to Reorder Assigned Security Attributes
index iconHow to Enable a User to Use Own Password to Assume a Role
roles
assigning privileges to, index iconHow to Change the Security Attributes of a Role
assigning with usermod command, index iconHow to Assign a Role
assuming, index iconHow to Assume a Role
assuming after login, index iconRBAC Roles
assuming in a terminal window
index iconProfile Shells and RBAC
index iconHow to Assume a Role
assuming root role, index iconHow to Assume a Role
auditing, index iconHow to Audit Roles
authenticating with user's password
index iconHow to Reorder Assigned Security Attributes
index iconHow to Enable a User to Use Own Password to Assume a Role
changing password of, index iconHow to Change the Password of a Role
changing properties of, index iconHow to Change the Security Attributes of a Role
creating, index iconHow to Create a Role
Crypto Management role, index iconHow to Assign a Role
description, index iconRBAC Roles
determining directly assigned privileges, index iconHow to Determine the Privileges That You Have Been Directly Assigned
determining role's privileged commands, index iconHow to Determine the Privileged Commands That You Can Run
listing local roles
index iconHow to Assume a Role
index iconCommands That Manage RBAC
making root role into user, index iconHow to Change the root Role Into a User
modifying, index iconHow to Change the Security Attributes of a Role
recommended roles, index iconRBAC: An Alternative to the Superuser Model
summary, index iconRBAC Elements and Basic Concepts
use in RBAC, index iconRBAC: An Alternative to the Superuser Model
using an assigned role, index iconHow to Assume a Role
using to access the hardware, index iconHow to Require a Password for SPARC Hardware Access
using user password
index iconRBAC Elements and Basic Concepts
index iconHow to Enable a User to Use Own Password to Assume a Role
roles command
description, index iconCommands That Manage RBAC
using, index iconHow to Assume a Role
root access
monitoring and restricting, index iconMonitoring and Restricting root Access (Tasks)
monitoring attempts, index iconHow to Restrict and Monitor root Logins
troubleshooting remote, index iconHow to Restrict and Monitor root Logins
root account, description, index iconSpecial System Accounts
root principal, adding to host's keytab, index iconAdministering Keytab Files
root role
assuming role, index iconHow to Assume a Role
changing from root user, index iconHow to Change the root Role Into a User
changing password, index iconHow to Change the root Password
changing to root user, index iconHow to Change the root Role Into a User
provided role, index iconRBAC: An Alternative to the Superuser Model
troubleshooting, index iconHow to Change the root Role Into a User
root user
changing into root role, index iconHow to Change the root Role Into a User
displaying access attempts on console, index iconHow to Restrict and Monitor root Logins
monitoring su command attempts
index iconLimiting and Monitoring Superuser Access
index iconHow to Monitor Who Is Using the su Command
replacing in RBAC, index iconRBAC Roles
restricting access, index iconRestricting root Access to Shared Files
restricting remote access
index iconHow to Restrict and Monitor root Logins
index iconHow to Restrict and Monitor root Logins
tracking logins, index iconLimiting and Monitoring Superuser Access
RSA kernel provider, index iconHow to List Available Providers
RSAAuthentication keyword, Secure Shell, index iconKeywords in Secure Shell
rsh command
Kerberos and
index iconOverview of Kerberized Commands
index iconKerberos Commands
rsh command (restricted shell), index iconAssigning a Restricted Shell to Users
rshd daemon, Kerberos and, index iconKerberos Daemons
rstchown system variable, index iconHow to Change the Owner of a File
rsyslog.conf entry
creating for PAM, index iconHow to Log PAM Error Reports
creating for real-time audit logs, index iconHow to Configure syslog Audit Logs
rules file (BART), index iconBART Rules File
rules file attributes, See keywords
rules file format (BART), index iconBART Rules File Format
rules file specification language, See quoting syntax