C
- -C option, auditreduce command,
How to Merge Audit Files From the Audit Trail
- C shell, privileged version,
Profile Shells and RBAC
- -c option
- auditreduce command
How to Select Audit Events From the Audit Trail
How to Select Audit Events From the Audit Trail
- bsmrecord command,
How to Display Audit Record Formats
- c2audit:audit_load entry, system file,
system File
- c2audit module, verifying is loaded,
How to Determine That Oracle Solaris Auditing Is Running
- cache, credential,
How the Kerberos Authentication System Works
- canon_user_plugin option, SASL and,
SASL Options
- caret (^) in audit class prefixes,
Audit Class Syntax
- CD-ROM drives
- allocating,
How to Mount an Allocated Device
- security,
Device-Clean Scripts
- cdrw command, authorizations required,
Commands That Require Authorizations
- certificates
- exporting for use by another system,
How to Export a Certificate and Private Key in PKCS #12 Format
- generating with pktool gencert command,
How to Create a Certificate by Using the pktool gencert Command
- importing into keystore,
How to Import a Certificate Into Your Keystore
- ChallengeResponseAuthentication keyword, See KbdInteractiveAuthentication keyword
- changepw principal,
Administering Keytab Files
- changing
- ACL entries,
How to Change ACL Entries on a File
- allocatable devices,
How to Change Which Devices Can Be Allocated
- audit_class file,
How to Add an Audit Class
- audit_control file,
How to Modify the audit_control File
- audit_event file,
How to Change an Audit Event's Class Membership
- default password algorithm,
Changing the Password Algorithm (Task Map)
- device policy,
How to Change the Device Policy on an Existing Device
- file ownership,
How to Change the Owner of a Local File
- file permissions
- absolute mode,
How to Change File Permissions in Absolute Mode
- special,
How to Change Special File Permissions in Absolute Mode
- symbolic mode,
How to Change File Permissions in Symbolic Mode
group ownership of file,
How to Change Group Ownership of a File
- NFS secret keys,
Implementation of Diffie-Hellman Authentication
- passphrase for Secure Shell,
How to Change the Passphrase for a Secure Shell Private Key
- password algorithm for a domain,
How to Specify a New Password Algorithm for an NIS Domain
- password algorithm task map,
Changing the Password Algorithm (Task Map)
- password of role,
How to Change the Password of a Role
- properties of role,
How to Change the Properties of a Role
- rights profile contents,
How to Create or Change a Rights Profile
- rights profile from command line,
How to Create or Change a Rights Profile
- root user into role,
How to Make root User Into a Role
- special file permissions,
How to Change Special File Permissions in Absolute Mode
- user properties from command line,
How to Change the RBAC Properties of a User
- your password with kpasswd,
Changing Your Password
- your password with passwd,
Changing Your Password
- CheckHostIP keyword, ssh_config file,
Keywords in Secure Shell
- chgrp command
- description,
Commands for Viewing and Securing Files
- syntax,
How to Change Group Ownership of a File
- chkey command
Implementation of Diffie-Hellman Authentication
How to Set Up a Diffie-Hellman Key for an NIS User
- chmod command
- changing special permissions
How to Change Special File Permissions in Absolute Mode
How to Change Special File Permissions in Absolute Mode
- description,
Commands for Viewing and Securing Files
- syntax,
How to Change Special File Permissions in Absolute Mode
- choosing, your password,
Advice on Choosing a Password
- chown command, description,
Commands for Viewing and Securing Files
- ChrootDirectory keyword, ssh_config file,
Keywords in Secure Shell
- Cipher keyword, ssh_config file,
Keywords in Secure Shell
- Ciphers keyword, Secure Shell,
Keywords in Secure Shell
- cklist.rpt file
System Files Checks
Format of ASET Report Files
- CKLISTPATH_level variable (ASET),
CKLISTPATH_level Environment Variables
- classes, See audit classes
- cleaning up, binary audit files,
How to Clean Up a not_terminated Audit File
- clear protection level,
Overview of Kerberized Commands
- ClearAllForwardings keyword, Secure Shell port forwarding,
Keywords in Secure Shell
- client names, planning for in Kerberos,
Client and Service Principal Names
- ClientAliveCountMax keyword, ssh_config file,
Keywords in Secure Shell
- ClientAliveInterval keyword, ssh_config file,
Keywords in Secure Shell
- clients
- AUTH_DH client-server session,
Implementation of Diffie-Hellman Authentication
- configuring for Secure Shell
Session Characteristics in Secure Shell
Client Configuration in Secure Shell
- configuring Kerberos,
Configuring Kerberos Clients
- definition in Kerberos,
Authentication-Specific Terminology
- clntconfig principal
- creating
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
- clock skew
- Kerberos and,
Synchronizing Clocks Between KDCs and Kerberos Clients
- Kerberos planning and,
Clock Synchronization Within a Realm
- clock synchronizing
- Kerberos master KDC and
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
- Kerberos planning and,
Clock Synchronization Within a Realm
- Kerberos slave KDC and,
How to Manually Configure a Slave KDC
- Kerberos slave server and,
How to Configure a Slave KDC to Use Full Propagation
- cmd audit token
Auditing Enhancements in the Solaris 10 Release
cmd Token
- cnt audit policy, description,
Determining Audit Policy
- combining audit files
- auditreduce command
How to Merge Audit Files From the Audit Trail
auditreduce Command
- from different zones,
Auditing and Oracle Solaris Zones
- command execution, Secure Shell,
Command Execution and Data Forwarding in Secure Shell
- command-line equivalents of SEAM Tool,
Command-Line Equivalents of the SEAM Tool
- commands
- See also individual commands
- ACL commands,
Commands for Administering UFS ACLs
- auditing commands,
Audit Commands
- cryptographic framework commands,
Administrative Commands in the Oracle Solaris Cryptographic Framework
- determining user's privileged commands,
How to Determine the Privileged Commands That You Can Run
- device allocation commands,
Device Allocation Commands
- device policy commands,
Device Policy Commands
- file protection commands,
Commands for Viewing and Securing Files
- for administering privileges,
Administrative Commands for Handling Privileges
- Kerberos,
Kerberos Commands
- RBAC administration commands,
Commands That Manage RBAC
- Secure RPC commands,
Implementation of Diffie-Hellman Authentication
- Secure Shell commands,
Secure Shell Commands
- that assign privileges,
Assigning Privileges
- that check for privileges,
Applications That Check for Privileges
- user-level cryptographic commands,
User-Level Commands in the Oracle Solaris Cryptographic Framework
- common keys
- calculating,
Implementation of Diffie-Hellman Authentication
- DH authentication and,
Diffie-Hellman Authentication and Secure RPC
- components
- BART,
BART Components
- device allocation mechanism,
Components of Device Allocation
- RBAC,
Oracle Solaris RBAC Elements and Basic Concepts
- Secure Shell user session,
Command Execution and Data Forwarding in Secure Shell
- Compression keyword, Secure Shell,
Keywords in Secure Shell
- CompressionLevel keyword, ssh_config file,
Keywords in Secure Shell
- Computer Emergency Response Team/Coordination Center (CERT/CC),
Reporting Security Problems
- computer security, See system security
- computing
- DH key,
How to Set Up a Diffie-Hellman Key for an NIS Host
- digest of a file,
How to Compute a Digest of a File
- MAC of a file,
How to Compute a MAC of a File
- secret key
How to Generate a Symmetric Key by Using the dd Command
How to Generate a Symmetric Key by Using the pktool Command
- configuration decisions
- auditing
- file storage,
How to Plan Storage for Audit Records
- policy,
Determining Audit Policy
- who and what to audit,
How to Plan Who and What to Audit
- zones,
How to Plan Auditing in Zones
Kerberos
- client and service principal names,
Client and Service Principal Names
- clients,
Client Configuration Options
- clock synchronization,
Clock Synchronization Within a Realm
- database propagation,
Which Database Propagation System to Use
- encryption types,
Kerberos Encryption Types
- KDC server,
KDC Configuration Options
- mapping host names onto realms,
Mapping Host Names Onto Realms
- number of realms,
Number of Realms
- ports,
Ports for the KDC and Admin Services
- realm hierarchy,
Realm Hierarchy
- realm names,
Realm Names
- realms,
Planning Kerberos Realms
- slave KDCs,
The Number of Slave KDCs
password algorithm,
Password Encryption
- configuration files
- ASET,
Automated Security Enhancement Tool (ASET)
- audit_class file,
audit_class File
- audit_control file
How to Modify the audit_control File
auditd Daemon
audit_control File
- audit_event file,
audit_event File
- audit_startup script,
audit_startup Script
- audit_user database,
audit_user Database
- device_maps file,
device_maps File
- nsswitch.conf file,
Maintaining Login Control
- for password algorithms,
Password Encryption
- policy.conf file
Password Encryption
How to Specify an Algorithm for Password Encryption
Commands That Manage RBAC
- Secure Shell,
Session Characteristics in Secure Shell
- syslog.conf file
How to Monitor All Failed Login Attempts
Files With Privilege Information
syslog.conf File
- system file,
system File
- with privilege information,
Files With Privilege Information
- configuring
- ahlt audit policy,
How to Configure Audit Policy
- ASET
Configuring ASET
Modifying the Tune Files
- audit_class file,
How to Add an Audit Class
- audit_control file,
How to Modify the audit_control File
- audit_event file,
How to Change an Audit Event's Class Membership
- audit files,
Configuring Audit Files (Tasks)
- audit files task map,
Configuring Audit Files (Task Map)
- audit policy,
How to Configure Audit Policy
- audit policy temporarily,
How to Configure Audit Policy
- audit service task map,
Configuring and Enabling the Audit Service (Task Map)
- audit_startup script,
How to Configure Audit Policy
- audit trail overflow prevention,
How to Prevent Audit Trail Overflow
- audit_user database,
How to Change a User's Audit Characteristics
- audit_warn script,
How to Configure the audit_warn Email Alias
- auditconfig command,
auditconfig Command
- auditing in zones
Auditing on a System With Oracle Solaris Zones
Auditing and Oracle Solaris Zones
- custom roles,
How to Create a Role From the Command Line
- device allocation,
Managing Device Allocation (Task Map)
- device policy,
Configuring Device Policy (Task Map)
- devices task map,
Configuring Devices (Task Map)
- DH key for NIS+ user,
How to Set Up a Diffie-Hellman Key for an NIS+ User
- DH key for NIS user,
How to Set Up a Diffie-Hellman Key for an NIS User
- DH key in NIS,
How to Set Up a Diffie-Hellman Key for an NIS Host
- DH key in NIS+,
How to Set Up a Diffie-Hellman Key for an NIS+ Host
- dial-up logins,
How to Create a Dial-Up Password
- hardware security,
Controlling Access to System Hardware
- host-based authentication for Secure Shell,
How to Set Up Host-Based Authentication for Secure Shell
- identical auditing for non-global zones,
How to Configure All Zones Identically for Auditing
- Kerberos
- adding administration principals
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
- clients,
Configuring Kerberos Clients
- cross-realm authentication,
Configuring Cross-Realm Authentication
- master KDC server,
How to Manually Configure a Master KDC
- master KDC server using LDAP,
How to Configure a KDC to Use an LDAP Data Server
- NFS servers,
How to Configure Kerberos NFS Servers
- overview,
Configuring the Kerberos Service (Tasks)
- slave KDC server,
How to Manually Configure a Slave KDC
- task map,
Configuring the Kerberos Service (Task Map)
name service,
How to Make root User Into a Role
- password for hardware access,
How to Require a Password for Hardware Access
- per-zone auditing,
How to Configure Per-Zone Auditing
- perzone audit policy,
How to Configure Audit Policy
- port forwarding in Secure Shell,
How to Configure Port Forwarding in Secure Shell
- RBAC
Configuring RBAC
How to Plan Your RBAC Implementation
- RBAC task map,
Configuring RBAC (Task Map)
- rights profile from command line,
How to Create or Change a Rights Profile
- rights profiles
How to Create or Change a Rights Profile
How to Create or Change a Rights Profile
- roles
How to Create and Assign a Role by Using the GUI
How to Change the Properties of a Role
- from command line,
How to Create a Role From the Command Line
root user as role,
How to Make root User Into a Role
- Secure Shell,
Secure Shell (Task Map)
- clients,
Client Configuration in Secure Shell
- servers,
Server Configuration in Secure Shell
Secure Shell task map,
Configuring Secure Shell (Task Map)
- ssh-agent daemon,
How to Set Up the ssh-agent Command to Run Automatically in CDE
- textual audit logs,
How to Configure syslog Audit Logs
- configuring application servers,
Configuring Kerberos Network Application Servers
- ConnectionAttempts keyword, ssh_config file,
Keywords in Secure Shell
- console, displaying su command attempts,
How to Restrict and Monitor Superuser Logins
- CONSOLE in Secure Shell,
Secure Shell and Login Environment Variables
- consumers, definition in cryptographic framework,
Terminology in the Oracle Solaris Cryptographic Framework
- context-sensitive help, SEAM Tool,
Print and Online Help Features of the SEAM Tool
- control manifests (BART),
Basic Audit Reporting Tool (Overview)
- controlling
- access to system hardware,
SPARC: Controlling Access to System Hardware (Task Map)
- system access,
Controlling System Access (Task Map)
- system usage,
Controlling Access to Machine Resources
- conversation keys
- decrypting in secure RPC,
Implementation of Diffie-Hellman Authentication
- generating in secure RPC,
Implementation of Diffie-Hellman Authentication
- converting
- audit records to readable format
How to View the Contents of Binary Audit Files
praudit Command
- copying
- ACL entries,
How to Copy an ACL
- files using Secure Shell,
How to Copy Files With Secure Shell
- copying audit messages to single file,
How to Select Audit Events From the Audit Trail
- cost control, and auditing,
Controlling Auditing Costs
- crammd5.so.1 plug-in, SASL and,
SASL Plug-ins
- creating
- audit trail
- auditd daemon,
Audit Trail
- auditd daemon's role,
auditd Daemon
credential table,
How to Create a Credential Table
- customized role,
How to Create a Role From the Command Line
- d_passwd file,
How to Create a Dial-Up Password
- dial-up passwords
How to Create a Dial-Up Password
How to Create a Dial-Up Password
- /etc/d_passwd file,
How to Create a Dial-Up Password
- file digests,
How to Compute a Digest of a File
- keytab file
How to Manually Configure a Master KDC
How to Configure a KDC to Use an LDAP Data Server
- local user,
How to Make root User Into a Role
- new device-clean scripts,
Device-Clean Scripts
- new policy (Kerberos)
How to Create a New Kerberos Principal
How to Create a New Kerberos Policy
- new principal (Kerberos),
How to Create a New Kerberos Principal
- Operator role,
How to Create and Assign a Role by Using the GUI
- partitions for binary audit files,
How to Create Partitions for Audit Files
- passwords for temporary user,
How to Create a Dial-Up Password
- rights profiles,
How to Create or Change a Rights Profile
- rights profiles with Solaris Management Console,
How to Create or Change a Rights Profile
- roles
- for particular profiles,
How to Create and Assign a Role by Using the GUI
- on command line,
How to Create a Role From the Command Line
- with limited scope,
How to Create and Assign a Role by Using the GUI
root user as role,
How to Make root User Into a Role
- secret keys
- for encryption
How to Generate a Symmetric Key by Using the dd Command
How to Generate a Symmetric Key by Using the pktool Command
Secure Shell keys,
How to Generate a Public/Private Key Pair for Use With Secure Shell
- security-related roles,
How to Create and Assign a Role by Using the GUI
- stash file
How to Manually Configure a Slave KDC
How to Configure a Slave KDC to Use Full Propagation
- System Administrator role,
How to Create and Assign a Role by Using the GUI
- tickets with kinit,
Creating a Kerberos Ticket
- cred database
- adding client credential,
How to Set Up a Diffie-Hellman Key for an NIS+ Host
- adding user credential,
How to Set Up a Diffie-Hellman Key for an NIS+ User
- DH authentication,
Diffie-Hellman Authentication and Secure RPC
- cred table
- DH authentication and,
Diffie-Hellman Authentication and Secure RPC
- information stored by server,
Implementation of Diffie-Hellman Authentication
- credential
- cache,
How the Kerberos Authentication System Works
- description
Implementation of Diffie-Hellman Authentication
Authentication-Specific Terminology
- obtaining for a server,
Obtaining a Credential for a Server
- obtaining for a TGS,
Obtaining a Credential for the Ticket-Granting Service
- or tickets,
How the Kerberos Service Works
- credential table, adding single entry to,
How to Add a Single Entry to the Credential Table
- credentials, mapping,
Mapping GSS Credentials to UNIX Credentials
- crontab files
- authorizations required,
Commands That Require Authorizations
- running ASET periodically,
Automated Security Enhancement Tool (ASET)
- stop running ASET periodically,
How to Stop Running ASET Periodically
- cross-realm authentication, configuring,
Configuring Cross-Realm Authentication
- CRYPT_ALGORITHMS_ALLOW keyword, policy.conf file,
Password Encryption
- CRYPT_ALGORITHMS_DEPRECATE keyword, policy.conf file,
Password Encryption
- crypt_bsdbf password algorithm,
Password Encryption
- crypt_bsdmd5 password algorithm,
Password Encryption
- crypt command, file security,
Protecting Files With Encryption
- crypt.conf file
- changing with new password module,
How to Install a Password Encryption Module From a Third Party
- third-party password modules,
How to Install a Password Encryption Module From a Third Party
- CRYPT_DEFAULT keyword, policy.conf file,
Password Encryption
- CRYPT_DEFAULT system variable,
How to Specify an Algorithm for Password Encryption
- crypt_sha256 password algorithm,
Password Encryption
- crypt_sunmd5 password algorithm
Password Encryption
Password Encryption
- crypt_unix password algorithm
Password Encryption
Changing the Default Algorithm for Password Encryption
- Crypto Management (RBAC)
- creating role,
How to Assign a Role to a Local User
- use of rights profile
How to Prevent the Use of a User-Level Mechanism
How to Prevent the Use of a Kernel Software Provider
- cryptoadm command
- description,
Scope of the Oracle Solaris Cryptographic Framework
- disabling cryptographic mechanisms
How to Prevent the Use of a User-Level Mechanism
How to Prevent the Use of a Kernel Software Provider
- disabling hardware mechanisms,
How to Disable Hardware Provider Mechanisms and Features
- installing PKCS #11 library,
How to Add a Software Provider
- listing providers,
How to List Available Providers
- -m option
How to Prevent the Use of a User-Level Mechanism
How to Prevent the Use of a Kernel Software Provider
- -p option
How to Prevent the Use of a User-Level Mechanism
How to Prevent the Use of a Kernel Software Provider
- restoring kernel software provider,
How to Prevent the Use of a Kernel Software Provider
- cryptoadm install command, installing PKCS #11 library,
How to Add a Software Provider
- cryptographic framework
- administering with role,
How to Assign a Role to a Local User
- connecting providers,
Plugins to the Oracle Solaris Cryptographic Framework
- consumers,
Oracle Solaris Cryptographic Framework
- cryptoadm command
Scope of the Oracle Solaris Cryptographic Framework
Administrative Commands in the Oracle Solaris Cryptographic Framework
- definition of terms,
Terminology in the Oracle Solaris Cryptographic Framework
- description,
Oracle Solaris Cryptographic Framework
- elfsign command
Scope of the Oracle Solaris Cryptographic Framework
Binary Signatures for Third-Party Software
- error messages,
How to Encrypt and Decrypt a File
- hardware plugins,
Oracle Solaris Cryptographic Framework
- installing providers,
Plugins to the Oracle Solaris Cryptographic Framework
- interacting with,
Scope of the Oracle Solaris Cryptographic Framework
- listing providers
How to List Available Providers
How to List Available Providers
- PKCS #11 library,
Oracle Solaris Cryptographic Framework
- providers
Oracle Solaris Cryptographic Framework
Terminology in the Oracle Solaris Cryptographic Framework
- refreshing,
How to Refresh or Restart All Cryptographic Services
- registering providers,
Plugins to the Oracle Solaris Cryptographic Framework
- restarting,
How to Refresh or Restart All Cryptographic Services
- signing providers,
Plugins to the Oracle Solaris Cryptographic Framework
- task maps,
Using the Cryptographic Framework (Task Map)
- user-level commands,
User-Level Commands in the Oracle Solaris Cryptographic Framework
- zones and
Cryptographic Services and Zones
How to Refresh or Restart All Cryptographic Services
- cryptographic services, See cryptographic framework
- Cryptoki, See PKCS #11 library
- csh command, privileged version,
Profile Shells and RBAC
- .cshrc file, path variable entry,
Setting the PATH Variable
- Custom Operator (RBAC), creating role,
How to Create a Role From the Command Line
- customizing, manifests,
How to Customize a Manifest
- customizing a report (BART),
How to Customize a BART Report by Using a Rules File