|
|
Sponsored Content
Top Forums
Shell Programming and Scripting
Secondary Authentication of UNIX .
Post 302962413 by cjcox on Monday 14th of December 2015 10:42:52 AM
|
|
9 More Discussions You Might Find Interesting
1. Windows & DOS: Issues & Discussions
I am not an expert in Unix at all. My knowledge of Unix is average. We have a couple of Unix servers, Solaris and Linux, which run mostly web servers, and Oracle databases. Currently users have multiple user IDs for Unix and AD applications. Is it possible to make use of the Windows Active... (2 Replies)
Discussion started by: speriya
2 Replies
2. Shell Programming and Scripting
Is there a command or better combination of cmds that will give me the list of Unix users in a particular Unix group whether their primary group is that group in question (information stored in /etc/passwd) or they are in a secondary group (information stored in /etc/group).
So far all I got... (5 Replies)
Discussion started by: ckmehta
5 Replies
3. Solaris
I am using solaris unix 8.2 version. I want to bypass password authentication for sftp. Can you please give some ideas on this. thanks.Regards. (4 Replies)
Discussion started by: vijill
4 Replies
4. Web Development
My .NET website invokes a perl script to perform GIT operations on Gerrit server running UBuntu. In the perl script I connect using passwordless authentication to Gerrit server as below:
system ( "ssh gitadmin@gerritserver.com 'cd /xyz && git clone xxx' ");
I verified that ssh authentication... (3 Replies)
Discussion started by: tkota
3 Replies
5. AIX
We are looking at using Tivoli Directory Server (LDAP) or Active Directory 2003 for authentication. I wanted to get some feedback from the community. Our goal is to do it the simplest, easiest, and cheapest way that allows for centralized user authentication. We are mainly an AIX environment with... (3 Replies)
Discussion started by: x96riley3
3 Replies
6. UNIX and Linux Applications
Hi,
We are looking for UNIX and Linux authentication middleware/tools which can replace our existing RSA SecurID - Two-Factor Authentication. Any suggestions or recommendations.
Thanks,
Gabar (2 Replies)
Discussion started by: Gabar Singh
2 Replies
7. UNIX for Dummies Questions & Answers
Hi,
I was wondering if someone may be able to help me with finding out the different *nix logon types.
The different logon types for a Successful Logon event type in Windows (4624) is well documented both on the M$ site and also on many tech related sites, listing the different logon types... (6 Replies)
Discussion started by: urhero
6 Replies
8. Cybersecurity
Hello,
We have mid level infrastructure of all on-premises servers. All windows servers are getting authenticated by Microsoft Active Directory Services, half Unix (Solaris+Linux) servers are getting authentication by NIS and other half by LDAP.
We have plans to migrate from NIS to LDAP, so... (2 Replies)
Discussion started by: solaris_1977
2 Replies
9. Cybersecurity
The UNIX/Linux server security is challenging because these servers are at a risk of getting compromised at any point of time by the attackers. In today's enterprise environment, the UNIX and Linux servers are growing popular. With their increased popularity, these servers have become the primary... (1 Reply)
Discussion started by: reve-secure
1 Replies
LEARN ABOUT DEBIAN
kas_interactive
KAS_INTERACTIVE(8) AFS Command Reference KAS_INTERACTIVE(8) NAME
kas_interactive - Enters interactive mode SYNOPSIS
kas interactive [-admin_username <admin principal to use for authentication>] [-password_for_admin <admin password>] [-cell <cell name>] [-servers <explicit list of authentication servers>+] [-noauth] [-help] kas i [-a <admin principal to use for authentication>] [-p <admin password>] [-c <cell name>] [-s <explicit list of authentication servers>+] [-n] [-h] DESCRIPTION
The kas interactive command establishes an interactive session for the issuer of the command. By default, the command interpreter establishes an authenticated connection for the user logged into the local file system with all of the Authentication Servers listed in the local /etc/openafs/CellServDB file for the cell named in the local /etc/openafs/ThisCell file. To specify an alternate identity, cell name, or list of Authentication Servers, include the -admin_username, -cell, or -servers arguments respectively. Interactive mode lasts for six hours unless the maximum ticket lifetime for the issuer or the Authentication Server's Ticket Granting Service is shorter. There are two other ways to enter interactive mode, in addition to the kas interactive command: o Type the kas command at the shell prompt without any operation code. If appropriate, include one or more of the -admin_username, -password_for_admin, -cell, and -servers arguments. o Type the kas command followed by a user name and cell name, separated by an "@" sign (for example: kas admin@abc.com), to establish a connection under the specified identity with the Authentication Servers listed in the local /etc/openafs/CellServDB file for the indicated cell. If appropriate, provide the -servers argument to specify an alternate list of Authentication Server machines that belong to the indicated cell. There are several consequences of entering interactive mode: o The "ka>" prompt replaces the system (shell) prompt. When typing commands at this prompt, provide only the operation code (omit the command suite name, kas). o The command interpreter does not prompt for the issuer's password. The issuer's identity and password, the relevant cell, and the set of Authentication Server machines specified when entering interactive mode apply to all commands issued during the session. They cannot be changed without leaving the session, except by using the kas noauthentication command to replace the current authenticated connections with unauthenticated ones. The -admin_username, -password_for_admin, -cell, and -servers arguments are ignored if provided on a command issued during interactive mode. To establish an unauthenticated connection to the Authentication Server, include the -noauth flag or provide an incorrect password. Unless authorization checking is disabled on each Authentication Server machine involved, however, it is not possible to perform any privileged operations within such a session. To end the current authenticated connection and establish an unauthenticated one, issue the kas noauthentication command. To leave interactive mode and return to the regular shell prompt, issue the kas quit command. OPTIONS
-admin_username <admin principal> Specifies the user identity under which to authenticate with the Authentication Server for execution of the command. For more details, see kas(8). -password_for_admin <admin password> Specifies the password of the command's issuer. If it is omitted (as recommended), the kas command interpreter prompts for it and does not echo it visibly. For more details, see kas(8). -cell <cell name> Names the cell in which to run the command. For more details, see kas(8). -servers <authentication servers>+ Names each machine running an Authentication Server with which to establish a connection. For more details, see kas(8). -noauth Assigns the unprivileged identity "anonymous" to the issuer. For more details, see kas(8). -help Prints the online help for this command. All other valid options are ignored. EXAMPLES
The following example shows a user entering interactive mode as the privileged user "admin". % kas interactive admin Password for admin: I<admin_password> ka> PRIVILEGE REQUIRED
None SEE ALSO
kas(8), kas_noauthentication(8), kas_quit(8) COPYRIGHT
IBM Corporation 2000. <http://www.ibm.com/> All Rights Reserved. This documentation is covered by the IBM Public License Version 1.0. It was converted from HTML to POD by software written by Chas Williams and Russ Allbery, based on work by Alf Wachsmann and Elizabeth Cassell. OpenAFS 2012-03-26 KAS_INTERACTIVE(8)