Index
Prev
Index
access control
Administering Access Control
Access Control Lists
Access Control Lists (ACLs)
account
adding a user
Creating User Accounts
auditor
Performing the Auditor Role
guest
Guidelines for User Accounts
guidelines
Guidelines for User Accounts
user
Administering Login Accounts
accountability
Reasons to Use a Trusted System
Administering Identification and Authentication
acl
Access Control Lists (ACLs)
ls option
Access Control Lists (ACLs)
adding
a new group
Adding a New Group
a new user
Creating User Accounts
administration, system
documentation
IRIX Admin Manual Set
administrative data files
System Data Files
Administrator (dbadmin)
System Administrator
administrators of CSP-Kerberos
Planning Your CSP-Kerberos Administrators
Application servers in CSP-Kerberos
Installing CSP-Kerberos Servers
assurance
Reasons to Use a Trusted System
attrinit command
Using attrinit(1) to Clean Up Capability Corruption
audit trail
System Audit Trail
Administering the System Audit Trail
auditing
planning for
Planning for Auditing
auditing, description
Administering the System Audit Trail
auditor account
Auditor
auditor account guidelines
Performing the Auditor Role
authentication
Administering Identification and Authentication
Backup servers and CSP-Kerberos
Planning Redundant CSP-Kerberos Servers
backups of CSP-Kerberos
CSP-Kerberos Database Backup Commands
Capabilities
Capabilities
Capabilities, default
Capabilities in This Release
capabilities, on files
File Capabilities
chacl command
Short ACL Text Form
changing
permissions
Changing Permissions
client systems in CSP-Kerberos
Installing CSP-Kerberos Clients
clock skew
Planning For Synchronized Clocks
clock skew in CSP-Kerberos
Clock Skew Commands
Clock sync
Planning For Synchronized Clocks
configuring CSP-Kerberos
Configuring All Participating Systems
conventions, typographical
Conventions Used in This Guide
.cshrc file
Guidelines for User Accounts
CSP-Kerberos administrators
Planning Your CSP-Kerberos Administrators
CSP-Kerberos and DCE
Configuring CSP-Kerberos DCE Interoperability
CSP-Kerberos and DNS
Getting Correct DNS Information
CSP-Kerberos and Firewalls
Configuring Your Firewall to Work With CSP-Kerberos
CSP-Kerberos and inetd.conf
CSP-Kerberos Server Configuration Files
CSP-Kerberos application servers
Installing CSP-Kerberos Servers
CSP-Kerberos backup servers
Planning Redundant CSP-Kerberos Servers
CSP-Kerberos backups
CSP-Kerberos Database Backup Commands
CSP-Kerberos client systems
Installing CSP-Kerberos Clients
CSP-Kerberos clock sync
Planning For Synchronized Clocks
CSP-Kerberos configuration
Configuring All Participating Systems
CSP-Kerberos Daemons
Installing the Master KDC
CSP-Kerberos database propagation
CSP-Kerberos Database Propagation
Installing the Slave KDCs
CSP-Kerberos date format
The kadmin5 Date Format
CSP-Kerberos definition
Administering CSP-Kerberos
CSP-Kerberos error messages
Error Messages
CSP-Kerberos hostname mapping
Installing CSP-Kerberos
CSP-Kerberos installation issues
Installing CSP-Kerberos
CSP-Kerberos Key Distribution Centers (KDC)
Installing CSP-Kerberos KDCs
CSP-Kerberos keytab files
CSP-Kerberos Keytab Commands
CSP-Kerberos libraries
CSP-Kerberos Libraries
CSP-Kerberos master KDC
Installing the Master KDC
CSP-Kerberos passwords
CSP-Kerberos Password Commands
CSP-Kerberos planning
Planning For CSP-Kerberos
CSP-Kerberos principals
CSP-Kerberos Principal Commands
CSP-Kerberos realms
Planning CSP-Kerberos Realms
How CSP-Kerberos Works
CSP-Kerberos Server Software
CSP-Kerberos Administrative Commands
CSP-Kerberos troubleshooting
Troubleshooting CSP-Kerberos
CSP-Kerberos users
CSP-Kerberos Principal Commands
csp-kerberos.sw.server-dce-interop
Configuring CSP-Kerberos DCE Interoperability
DAC
Discretionary Access Control Permissions
changing permissions
Changing Permissions
directory permissions
Directory Permissions
Discretionary Access Control
Administering Access Control
file permissions
File Permissions
permissions
Administering Access Control
umask
Setting Permissions With umask
using
DAC Permissions
daemons and CSP-Kerberos
Installing the Master KDC
data files
administrative
System Data Files
Database of Kerberos users
How CSP-Kerberos Works
dbadmin account
System Administrator
DCE
Configuring CSP-Kerberos DCE Interoperability
DCE and CSP-Kerberos
Configuring CSP-Kerberos DCE Interoperability
deactivating a trusted system
Deactivating a System
debugging CSP-Kerberos
Troubleshooting CSP-Kerberos
definition
of a trusted system
Definition of a Trusted System
of Administrator
System Administrator
of physical security policy
Physical Security Policy
of procedural security policy
Procedural Security Policy
of security policy
Creating Security Policies
of system security policy
System Security Policy
of the Auditor
Auditor
of the Site Security Officer
Site Security Officer
directory permissions
Directory Permissions
Discretionary Access Control
Discretionary Access Control Permissions
Discretionary Access Control (DAC)
Administering Access Control
Distributed Computing Environment
Configuring CSP-Kerberos DCE Interoperability
DNS and CSP-Kerberos
Getting Correct DNS Information
documentation conventions
Conventions Used in This Guide
Documentation for Kerberos
How CSP-Kerberos Works
encrypted password
Administering Passwords
environment variables
Guidelines for User Accounts
Error Messages and CSP-Kerberos
Error Messages
/etc/capability file
The /etc/capability File
/etc/inetd.conf file
Configuring CSP-Kerberos Servers
/etc/kdc.conf
Installing the Master KDC
/etc/krb5.conf
Installing the Master KDC
/etc/passwd file
The /etc/shadow File
/etc/services file
Configuring CSP-Kerberos Servers
/etc/shadow File
The /etc/shadow File
File Capabilities
File Capabilities
file permissions
File Permissions
files
administrative
System Data Files
/dev/console
/dev/console
/dev/klog
dev/klog
/dev/kmem
/dev/kmem
/dev/log
/dev/log
/dev/ptc
/dev/ptc
/dev/tty
/dev/tty
/etc/capability
/etc/capability
/etc/config/acct
/etc/config/acct
/etc/config/automount
/etc/config/automount
/etc/config/login.options
/etc/config/login.options
/etc/config/named
/etc/config/named
/etc/config/network
/etc/config/network
/etc/config/nfs
/etc/config/nfs
/etc/config/rwhod
/etc/config/rwhod
/etc/config/syslogd.options
/etc/config/syslogd.options
/etc/config/timed
/etc/config/timed
/etc/cshrc
/etc/cshrc
/etc/gettydefs
/etc/gettydefs
/etc/group
/etc/group
/etc/hosts
/etc/hosts
/etc/hosts.equiv
/etc/hosts.equiv
/etc/inittab
/etc/inittab
/etc/ioctl.syscon
/etc/ioctl.syscon
/etc/motd
/etc/motd
/etc/nologin
/etc/nologin
/etc/opasswd
/etc/opasswd
/etc/passwd
/etc/passwd
/etc/profile
/etc/profile
/etc/services
/etc/services
/etc/shadow
/etc/shadow
/etc/syslog.conf
/etc/syslog.conf
/etc/TIMEZONE
/etc/TIMEZONE
/etc/ttytype
/etc/ttytype
/etc/utmp
/etc/utmp
/etc/wtmp
/etc/wtmp
.rhosts
~/.rhosts
/usr/adm/lastlog/username
/usr/adm/lastlog/username
/usr/adm/OLDsulog
/var/adm/OLDsulog
/usr/adm/oSYSLOG
/usr/adm/oSYSLOG
/usr/adm/sulog
/var/adm/sulog
/usr/adm/SYSLOG
/usr/adm/SYSLOG
/usr/lib/X11/xdm/Xresources
/usr/lib/X11/xdm/Xresources
/usr/lib/X11/xdm/Xservers
/usr/lib/X11/xdm/Xservers
/usr/spool/lp/pstatus
/usr/spool/lp/pstatus
/usr/spool/lp/qstatus
/usr/spool/lp/qstatus
firewall additional documentation
Configuring Your Firewall to Work With CSP-Kerberos
Firewalls and CSP-Kerberos
Configuring Your Firewall to Work With CSP-Kerberos
group
adding
Adding a New Group
removing
Removing a Group
group guidelines
Guidelines for User Groups
guest account
Guidelines for User Accounts
guidelines
for the auditor account
Performing the Auditor Role
for user accounts
Guidelines for User Accounts
for user groups
Guidelines for User Groups
help
reference
Reference Pages
Identification and Authentication
Administering Identification and Authentication
inetd.conf file
Configuring CSP-Kerberos Servers
CSP-Kerberos Server Configuration Files
installation issues of CSP-Kerberos
Installing CSP-Kerberos
IRIX Admin manuals
About This Guide
IRIX administration
documentation
IRIX Admin Manual Set
IRIX permissions (DAC)
Administering Access Control
kadmin5 command
The kadmin5 Command and Its Options
kdb5_create command
Installing the Master KDC
kdb5_edit command
Installing the Master KDC
kdb5_stash command
Installing the Master KDC
Kerberos additional documentation
How CSP-Kerberos Works
Kerberos and inetd.conf
CSP-Kerberos Server Configuration Files
Kerberos Application Servers
Installing CSP-Kerberos Servers
Kerberos Backup Servers
Planning Redundant CSP-Kerberos Servers
Kerberos backups
CSP-Kerberos Database Backup Commands
Kerberos clients
Installing CSP-Kerberos Clients
Kerberos configuration
Configuring All Participating Systems
Kerberos definition
Administering CSP-Kerberos
Kerberos passwords
CSP-Kerberos Password Commands
Kerberos realms
How CSP-Kerberos Works
Kerberos Server Software
CSP-Kerberos Administrative Commands
kerberos srvtab files
CSP-Kerberos Keytab Commands
Kerberos tickets
How CSP-Kerberos Works
Kerberos troubleshooting
Troubleshooting CSP-Kerberos
keytab files
CSP-Kerberos Keytab Commands
ktutil command
The ktutil Command
libacl.a
CSP-Kerberos Libraries
libcom_err.a
CSP-Kerberos Libraries
libcrypto.a
CSP-Kerberos Libraries
libdes425.a
CSP-Kerberos Libraries
libgssapi.a
CSP-Kerberos Libraries
libgssapi_krb5.a
CSP-Kerberos Libraries
libkadm.a
CSP-Kerberos Libraries
libkdb5.a
CSP-Kerberos Libraries
libknet.a
CSP-Kerberos Libraries
libkrb.a
CSP-Kerberos Libraries
libkrb4.a
CSP-Kerberos Libraries
libkrb524.a
CSP-Kerberos Libraries
libkrb5util.a
CSP-Kerberos Libraries
libpty.a
CSP-Kerberos Libraries
libraris and CSP-Kerberos
CSP-Kerberos Libraries
locked account
Password Aging
login account
guest
Guidelines for User Accounts
login accounts
Administering Login Accounts
locked
Password Aging
ls -d option
Using ls -D and chacl
maintaining login accounts
Administering Login Accounts
man command
Reference Pages
man pages
Reference Pages
master KDC in CSP-Kerberos
Installing the Master KDC
NCSC
TCSEC
Introduction to the Commercial Security Pak
new group
adding
Adding a New Group
new user account
Creating User Accounts
NIS
Configuring CSP-Kerberos Servers
object reuse
Object Reuse Policy
password
Administering Identification and Authentication
aging
Administering Passwords
characteristics
Password Generator Algorithm
chosen
Administering Password Generation
encrypted
Administering Passwords
expiration time
Password Aging
lifetime
Password Aging
pronounceable
Administering Password Generation
random character
Administering Password Generation
theft
Administering Identification and Authentication
total possible number
Password Generator Algorithm
passwords
Passwords Under the Commercial Security Pak
generation
Passwords Under the Commercial Security Pak
locked accounts
Password Aging
passwords in CSP-Kerberos
CSP-Kerberos Password Commands
PATH variable
Guidelines for User Accounts
permissions
changing
Changing Permissions
directory
Directory Permissions
file
File Permissions
umask
Setting Permissions With umask
permissions (DAC)
Administering Access Control
Personal System Administration Guide
About This Guide
physical security policy
Physical Security Policy
planning
for administrative accounts
Planning Your Administrative Accounts
for auditing
Planning for Auditing
for users
Planning for Users
for your trusted system
Planning Your System Security Policy
policies
physical security
Physical Security Policy
procedural security
Procedural Security Policy
site security
Creating Security Policies
system security
System Security Policy
privilege violation
Auditing Unexpected Use of Privilege
procedural security policy
Procedural Security Policy
.profile file
Guidelines for User Accounts
pronounceable password
Administering Password Generation
random character password
Administering Password Generation
realms in CSP-Kerberos
Planning CSP-Kerberos Realms
How CSP-Kerberos Works
removing
a group
Removing a Group
a machine
Deactivating a System
SAT
System Audit Trail
Administering the System Audit Trail
security
policy
Reasons to Use a Trusted System
security violation
root privilege
Auditing Unexpected Use of Privilege
Servers in CSP-Kerberos
CSP-Kerberos Administrative Commands
Site Security Officer (SSO)
Site Security Officer
site security policy
Creating Security Policies
srvtab files
CSP-Kerberos Keytab Commands
SSO (Site Security Officer)
Site Security Officer
system administration
documentation
IRIX Admin Manual Set
system administration manuals
About This Guide
System Audit Trail
System Audit Trail
System Audit Trail (SAT)
Administering the System Audit Trail
system security policy
System Security Policy
TCB
Commercial Security Pak Features
TCB, adding files to
How the Administrative Accounts Work Together
Troubleshooting CSP-Kerberos
Troubleshooting CSP-Kerberos
trust
definition
Definition of a Trusted System
Trusted Computing Base
Commercial Security Pak Features
trusted system deactivation
Deactivating a System
typographical conventions
Conventions Used in This Guide
umask
Setting Permissions With umask
user
account adding
Creating User Accounts
account guidelines
Guidelines for User Accounts
accounts
Administering Login Accounts
group guidelines
Guidelines for User Groups
name
Administering Identification and Authentication
users
planning for
Planning for Users
using access control
Administering Access Control
using the auditor account
Performing the Auditor Role
variables
environment
Guidelines for User Accounts
violations
of root privilege security
Auditing Unexpected Use of Privilege
Yellow Pages
Configuring CSP-Kerberos Servers