The software described in this documentation is either in Extended Support or Sustaining Support. See https://www.oracle.com/us/support/library/enterprise-linux-support-policies-069172.pdf for more information.
Oracle recommends that you upgrade the software described by this documentation as soon as possible.
This section contains the following chapters:
Chapter 23, Authentication Configuration describes how to configure various authentication methods that Oracle Linux can use, including NIS, LDAP, Kerberos, and Winbind, and how you can configure the System Security Services Daemon feature to provide centralized identity and authentication management.
Chapter 24, Local Account Configuration describes how to configure and manage local user and group accounts.
Chapter 25, System Security Administration describes the subsystems that you can use to administer system security, including SELinux, the Netfilter firewall, TCP Wrappers, chroot jails, auditing, system logging, and process accounting.
Chapter 26, OpenSSH Configuration describes how to configure OpenSSH to support secure communication between networked systems.
Table of Contents
- 23 Authentication Configuration
- 23.1 About Authentication
- 23.2 About Local Oracle Linux Authentication
- 23.3 About IPA
- 23.4 About LDAP Authentication
- 23.4.1 About LDAP Data Interchange Format
- 23.4.2 Configuring an LDAP Server
- 23.4.3 Replacing the Default Certificates
- 23.4.4 Creating and Distributing Self-signed CA Certificates
- 23.4.5 Initializing an Organization in LDAP
- 23.4.6 Adding an Automount Map to LDAP
- 23.4.7 Adding a Group to LDAP
- 23.4.8 Adding a User to LDAP
- 23.4.9 Adding Users to a Group in LDAP
- 23.4.10 Enabling LDAP Authentication
- 23.5 About NIS Authentication
- 23.6 About Kerberos Authentication
- 23.7 About Pluggable Authentication Modules
- 23.8 About the System Security Services Daemon
- 23.9 About Winbind Authentication
- 24 Local Account Configuration
- 25 System Security Administration
- 25.1 About System Security
- 25.2 Configuring and Using SELinux
- 25.3 About Packet-filtering Firewalls
- 25.4 About TCP Wrappers
- 25.5 About chroot Jails
- 25.6 About Auditing
- 25.7 About System Logging
- 25.8 About Process Accounting
- 25.9 Security Guidelines
- 25.9.1 Minimizing the Software Footprint
- 25.9.2 Configuring System Logging
- 25.9.3 Disabling Core Dumps
- 25.9.4 Minimizing Active Services
- 25.9.5 Locking Down Network Services
- 25.9.6 Configuring a Packet-filtering Firewall
- 25.9.7 Configuring TCP Wrappers
- 25.9.8 Configuring Kernel Parameters
- 25.9.9 Restricting Access to SSH Connections
- 25.9.10 Configuring File System Mounts, File Permissions, and File Ownerships
- 25.9.11 Checking User Accounts and Privileges
- 26 OpenSSH Configuration