07-29-2011
You can also use kerberos server with pam_krb
Be careful tho, kerberos is somewhat complicated to setup and requires clients and server to be in time sync.
But should be the most secure way.
Regards
Peasant
8 More Discussions You Might Find Interesting
1. UNIX for Dummies Questions & Answers
Does it exist centralized tools on unix for managing users of all servers (like windows AD) ? (1 Reply)
Discussion started by: astjen
1 Replies
2. Shell Programming and Scripting
Hi Friends.
I am new to scripting now i want to change the root password using the script with standard password.
which is the easy scripting to learn for the beginner, Thanks in advance. (2 Replies)
Discussion started by: kurva
2 Replies
3. Solaris
Hi Gurus
I have a few Sol 5.9 servers and i have enabled password less authentication between them for my user ID. Often i have found that when my password has expired,the login fails.
Resetting my password reenables the keys.
Do i need to do something to avoid this scenario or is this... (2 Replies)
Discussion started by: Renjesh
2 Replies
4. UNIX for Advanced & Expert Users
We have a mix of AIX, HP-UX, Linux (RHEL and SLES), and Solaris in our environment. Currently we have seperate patch management systems for each platform (NIM, SD, Spacewalk, etc), but have started looking for a centralized patch management solution that would work for most, if not all, of our... (0 Replies)
Discussion started by: kknigga
0 Replies
5. UNIX for Dummies Questions & Answers
Hi
We send *.csv with sensitive data to our customers. Our customers open those files with Excel.
A new requirement is that we password protect those CSV files.
I thought to pack them with ZIP and assign a password to the archive.
But Solaris 10 can't encrypt ZIP files.
$ zip -P... (12 Replies)
Discussion started by: slashdotweenie
12 Replies
6. UNIX for Advanced & Expert Users
You know those lists of "the most common passwords"?
I was looking at one of those because I actually want to use a really common password or two on occasion. The thing is I'm skeptical that these are legitimate lists. Most things these days require at least 8 chars with a numeral. But these lists... (1 Reply)
Discussion started by: jutnobs
1 Replies
7. What is on Your Mind?
Original post from this thread on browser caching.
To add to this, it is an effective security measure to clear absolutely all cached data (cookies, web content, ....) when closing the browser - i.e. in case of a shutdown. It takes a bit of work to re-login to all the sites but websites will not... (7 Replies)
Discussion started by: bakunin
7 Replies
8. Forum Support Area for Unregistered Users & Account Problems
I was unable to login and so used the "Forgotten Password' process. I was sent a NEWLY-PROVIDED password and a link through which my password could be changed. The NEWLY-PROVIDED password allowed me to login.
Following the provided link I attempted to update my password to one of my own... (1 Reply)
Discussion started by: Rich Marton
1 Replies
KPROP(8) System Manager's Manual KPROP(8)
NAME
kprop - propagate a Kerberos V5 principal database to a slave server
SYNOPSIS
kprop [-r realm] [-f file] [-d] [-P port] [-s keytab] slave_host
DESCRIPTION
kprop is used to propagate a Kerberos V5 database dump file from the master Kerberos server to a slave Kerberos server, which is specfied
by slave_host. This is done by transmitting the dumped database file to the slave server over an encrypted, secure channel. The dump file
must be created by kdb5_util, and is normally KPROP_DEFAULT_FILE (/var/kerberos/krb5kdc/slave_datatrans).
OPTIONS
-r realm
specifies the realm of the master server; by default the realm returned by krb5_default_local_realm(3) is used.
-f file
specifies the filename where the dumped principal database file is to be found; by default the dumped database file is
KPROP_DEFAULT_FILE (normally /var/kerberos/slave_datatrans).
-P port
specifies the port to use to contact the kpropd server on the remote host.
-d prints debugging information.
-s keytab
specifies the location of the keytab file.
SEE ALSO
kpropd(8), kdb5_util(8), krb5kdc(8)
KPROP(8)