System Administration Guide: Security Services
Previous Next

L

-L option, ssh command, How to Use Port Forwarding in Solaris Secure Shell
-l option
digest command, How to Compute a Digest of a File
encrypt command, How to Generate a Symmetric Key by Using the dd Command
mac command, How to Compute a MAC of a File
praudit command, praudit Command
LDAP, configuring master KDC using, How to Configure a KDC to Use an LDAP Data Server
LDAP name service
passwords, Managing Password Information
specifying password algorithm, How to Specify a New Password Algorithm for an LDAP Domain
least privilege, principle of, Privileges Protect Kernel Processes
libraries, user-level providers, How to List Available Providers
lifetime of ticket, in Kerberos, Ticket Lifetimes
limit privilege set, How Privileges Are Implemented
limiting, use of privileges by user or role, How to Limit a User's or Role's Privileges
limitpriv keyword, user_attr database, Files With Privilege Information
list command
How to Display the Keylist (Principals) in a Keytab File
How to Temporarily Disable Authentication for a Service on a Host
list_devices command
authorizations for, Device Allocation Commands
authorizations required, Commands That Require Authorizations
description, Device Allocation Commands
list plugin subcommand, kmcfg command, How to Manage Third-Party Plugins in KMF
list privilege, SEAM Administration Tool and, Using the SEAM Tool With Limited Kerberos Administration Privileges
list subcommand, pktool command, How to Create a Certificate by Using the pktool gencert Command
ListenAddress keyword, sshd_config file, Keywords in Solaris Secure Shell
listing
available providers in cryptographic framework, How to List Available Providers
contents of keystore, How to Create a Certificate by Using the pktool gencert Command
cryptographic framework providers, How to List Hardware Providers
device policy, How to View Device Policy
hardware providers, How to List Hardware Providers
providers in the cryptographic framework, How to List Available Providers
roles you can assume
How to Assume a Role in a Terminal Window
Commands That Manage RBAC
users with no passwords, How to Display Users Without Passwords
LocalForward keyword, ssh_config file, Keywords in Solaris Secure Shell
log files
audit records
Audit Files
How to View the Contents of Binary Audit Files
BART
programmatic output, BART Output
verbose output, BART Output
configuring for auditing service, How to Configure syslog Audit Logs
examining audit records, auditreduce Command
failed login attempts, How to Monitor All Failed Login Attempts
monitoring su command, How to Monitor Who Is Using the su Command
space for audit records, auditd Daemon
syslog audit records, syslog.conf File
log_level option, SASL and, SASL Options
logadm command, archiving textual audit files, How to Prevent Audit Trail Overflow
logging in
and AUTH_DH, Implementation of Diffie-Hellman Authentication
disabling temporarily, How to Temporarily Disable User Logins
displaying user's login status
How to Display a User's Login Status
How to Display a User's Login Status
log of failed logins, How to Monitor All Failed Login Attempts
monitoring failures, How to Monitor Failed Login Attempts
root login
account, Special System Logins
restricting to console, How to Restrict and Monitor Superuser Logins
tracking, Limiting and Monitoring Superuser
security
access control on devices, Remote Logins
access restrictions
Maintaining Login Control
Maintaining Login Control
saving failed attempts, How to Monitor Failed Login Attempts
system access control, Maintaining Login Control
tracking root login, Limiting and Monitoring Superuser
system logins, Special System Logins
task map, Securing Logins and Passwords (Task Map)
users' basic privilege set, How Privileges Are Implemented
with Solaris Secure Shell, How to Log In to a Remote Host With Solaris Secure Shell
login environment variables, Solaris Secure Shell and, Solaris Secure Shell and Login Environment Variables
login file
login default settings, How to Monitor All Failed Login Attempts
restricting remote root access, How to Restrict and Monitor Superuser Logins
login_logout audit class, Definitions of Audit Classes
LoginGraceTime keyword, sshd_config file, Keywords in Solaris Secure Shell
loginlog file, saving failed login attempts, How to Monitor Failed Login Attempts
logins command
displaying user's login status
How to Display a User's Login Status
How to Display a User's Login Status
displaying users with no passwords, How to Display Users Without Passwords
syntax, How to Display a User's Login Status
LogLevel keyword, Solaris Secure Shell, Keywords in Solaris Secure Shell
LookupClientHostname keyword, sshd_config file, Keywords in Solaris Secure Shell

M

-M option, auditreduce command, How to Merge Audit Files From the Audit Trail
-m option
cryptoadm command
How to Prevent the Use of a User-Level Mechanism
How to Prevent the Use of a Kernel Software Provider
Kerberized commands, Overview of Kerberized Commands
mac command
description, User-Level Commands in the Solaris Cryptographic Framework
syntax, How to Compute a MAC of a File
machine security, See system security
MACS keyword, Solaris Secure Shell, Keywords in Solaris Secure Shell
mail, using with Solaris Secure Shell, How to Use Port Forwarding in Solaris Secure Shell
makedbm command, description, Commands That Manage RBAC
managing
See also administering
audit files
How to Merge Audit Files From the Audit Trail
How to Prevent Audit Trail Overflow
audit records task map, Managing Audit Records (Task Map)
audit trail overflow, How to Prevent Audit Trail Overflow
auditing, Solaris Auditing (Task Map)
auditing in zones
Auditing on a System With Zones
Auditing and Solaris Zones
device allocation task map, Managing Device Allocation (Task Map)
devices, Managing Device Allocation (Task Map)
file permissions, Protecting Files (Task Map)
keystores with KMF, KMF Keystore Management
passwords with Kerberos, Kerberos Password Management
privileges task map, Managing Privileges (Task Map)
RBAC task map, Managing RBAC (Task Map)
manifests
See also bart create
control, Basic Audit Reporting Tool (Overview)
customizing, How to Customize a Manifest
file format, BART Manifest File Format
test, BART Report
manually configuring
Kerberos
master KDC server, How to Configure a Master KDC
master KDC server using LDAP, How to Configure a KDC to Use an LDAP Data Server
slave KDC server, How to Configure a Slave KDC
mapping
host names onto realms (Kerberos), Mapping Host Names Onto Realms
UIDs to Kerberos principals, Using the gsscred Table
mapping GSS credentials, Mapping GSS Credentials to UNIX Credentials
mappings, events to classes (auditing), Audit Classes and Preselection
mask (auditing)
description of process preselection, Process Audit Characteristics
system-wide process preselection, audit_control File
mask ACL entries
default entries for directories, ACL Entries for Directories
description, ACL Entries for Files
setting, How to Add ACL Entries to a File
master KDC
automatically configuring, How to Automatically Configure a Master KDC
configuring with LDAP, How to Configure a KDC to Use an LDAP Data Server
definition, Kerberos-Specific Terminology
interactively configuring, How to Interactively Configure a Master KDC
manually configuring, How to Configure a Master KDC
slave KDCs and
Kerberos Servers
Configuring KDC Servers
swapping with slave KDC, Swapping a Master KDC and a Slave KDC
max_life value, description, Ticket Lifetimes
max_renewable_life value, description, Ticket Lifetimes
MaxAuthTries keyword, sshd_config file, Keywords in Solaris Secure Shell
MaxAuthTriesLog keyword, sshd_config file, Keywords in Solaris Secure Shell
MaxStartups keyword, sshd_config file, Keywords in Solaris Secure Shell
MD5 encryption algorithm
kernel provider, How to List Available Providers
policy.conf file, How to Specify an Algorithm for Password Encryption
mech_dh mechanism
GSS-API credentials, Acquiring GSS Credentials in Solaris Secure Shell
secure RPC, How to Set Up a Diffie-Hellman Key for an NIS+ Host
mech_krb mechanism, GSS-API credentials, Acquiring GSS Credentials in Solaris Secure Shell
mech_list option, SASL and, SASL Options
mechanism, definition in cryptographic framework, Terminology in the Solaris Cryptographic Framework
mechanisms
disabling all on hardware provider, How to Disable Hardware Provider Mechanisms and Features
enabling some on hardware provider, How to Disable Hardware Provider Mechanisms and Features
merging, binary audit records, How to Merge Audit Files From the Audit Trail
message authentication code (MAC), computing for file, How to Compute a MAC of a File
messages file, executable stack messages, Preventing Executable Files From Compromising Security
metaslot
administering, Administrative Commands in the Solaris Cryptographic Framework
definition in cryptographic framework, Terminology in the Solaris Cryptographic Framework
microphone
allocating, How to Allocate a Device
deallocating, How to Deallocate a Device
minfree line
audit_control file, audit_control File
audit_warn condition, audit_warn Script
minus sign (-)
audit class prefix, Audit Class Syntax
entry in sulog file, How to Monitor Who Is Using the su Command
file permissions symbol, File Permission Modes
symbol of file type, File and Directory Ownership
mode, definition in cryptographic framework, Terminology in the Solaris Cryptographic Framework
modifying
policies (Kerberos), How to Modify a Kerberos Policy
principal's password (Kerberos), How to Modify a Kerberos Principal
principals (Kerberos), How to Modify a Kerberos Principal
role assignment to a user, How to Create and Assign a Role by Using the GUI
roles (RBAC), How to Change the Properties of a Role
users (RBAC), How to Change the RBAC Properties of a User
modules, password encryption, Password Encryption
monitoring
audit trail in real time, Auditing Efficiently
failed logins, How to Monitor Failed Login Attempts
su command attempts
Limiting and Monitoring Superuser
How to Monitor Who Is Using the su Command
superuser access attempts, How to Restrict and Monitor Superuser Logins
superuser task map, Monitoring and Restricting Superuser (Task Map)
system usage
Monitoring Use of Machine Resources
Monitoring File Integrity
use of privileged commands, How to Audit Roles
mount command, with security attributes, How to Authorize Users to Allocate a Device
mounting
allocated CD-ROM, How to Mount an Allocated Device
allocated devices, How to Mount an Allocated Device
allocated diskette, How to Mount an Allocated Device
audit directories, Audit Trail
files with DH authentication, How to Share NFS Files With Diffie-Hellman Authentication
mt command, tape device cleanup and, Device-Clean Scripts
Previous Next