Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Solaris 8 MD5 encryption support
Operating Systems Solaris Solaris 8 MD5 encryption support Post 302995770 by bestard on Wednesday 12th of April 2017 03:28:37 AM
Old 04-12-2017
Solaris 8 MD5 encryption support
Hi,

I did some NIS migration tests recently.
The target is to migrate the NIS server from Solaris 8 to Redhat Linux 6.5.
And, I found there are encryption issues while Linux NIS using MD5 hashing password for authentication whereas Solaris 8 clients using DES encryption.

It causes issues that I can't log in Solaris 8 clients for NIS user authentication.
I know Solaris 8 doesn't support MD5 encryption, and there are ways to downgrade Linux NIS encryption to DES to support Solaris 8 connection, but that's not the way I like.

Is there any way to make Solaris 8 support MD5 encryption?
I search some articles online refering to the possiblity to implement it, but no details about how to do.

Thanks.
 

7 More Discussions You Might Find Interesting

1. Cybersecurity

MD5 to DES encryption

Is it possible to change the type of encryption from MD5 to DES without removing a user? Way back when this server was created, users were created with the MD5 encryption. Now, all users created with DES encryption. Is it possible to just change the type of password encryption? Users using... (1 Reply)
Discussion started by: Larsonist
1 Replies

2. Solaris

Verifying Solaris CD Downloads with md5 Checksum on Ubuntu

I didn't know weather to post this in the Solaris or Linux forum so move it if necessary. In the Solaris 10 CD Download Instructions, it says: I open up a Terminal (I'm running Ubuntu Linux) and do a man on md5. It gives me this syntax: SYNOPSIS openssl dgst ... (2 Replies)
Discussion started by: Bradj47
2 Replies

3. Solaris

md5 encryption on solaris 8

is there patches enable passwords of greater than 8 characters with only md5 encryption (rather than the older crypt) for solaris 8. I am migrating a number of solaris 8 domains to branded zones. (1 Reply)
Discussion started by: frustin
1 Replies

4. Solaris

Solaris 10 openldap authentication with md5 passwords

Hello to everyone, We are trying to enable ldap authentication with pam_ldap and md5 passwords on a Solaris 10 system to an openldap server. If passwords are stored using crypt, everything works correctly. But if the password in openldap is in md5, then authentication fails. We have installed... (0 Replies)
Discussion started by: jfotop
0 Replies

5. Linux

Error: Encryption support not enabled

Hi when I run the following GET commad: ./snmpget -m ALL -M /data/net/naamab/snmp/snmp_mib/ -v 3 -a MD5 -l authPriv -u test1 -A welcome1 -x DES -X privpass 127.0.0.1 NOVELSAT-MODULATOR-MIB::nsModLineCMMode.0 -d I get the error: Encryption support not enabled. snmpget: USM encryption... (1 Reply)
Discussion started by: naamabm
1 Replies

6. Shell Programming and Scripting

Create md5 sums and archive the resulting md5 files

Hello everyone, I am looking to basically creating md5sum files for all iso files in a directory and archive the resulting md5 files into a single archive in that very same directory. I worked out a clumsy solution such as: #find files for which md5sum are to be created and store the... (1 Reply)
Discussion started by: SurfTranquille
1 Replies

7. Solaris

Need to disable CBC mode cipher encryption along with MD5 & 96 bit MAC algorithm

Hi All Is any one know how to diable CBC mode cipher encryption along with MD5 & 96 bit MAC algorithm in solaris 10. Regards (4 Replies)
Discussion started by: amity
4 Replies

LEARN ABOUT OPENDARWIN

nisauthconf

nisauthconf(1M) 					  System Administration Commands					   nisauthconf(1M)

NAME

       nisauthconf - configure NIS+ security

SYNOPSIS

       nisauthconf [-v] [mechanism,...]

DESCRIPTION

       nisauthconf  controls  which authentication flavors NIS+ should use when communicating with other NIS+ clients and servers.  If the command
       is not executed, then NIS+ will default to the AUTH_DES authentication flavor when running security level 2. See rpc.nisd(1M).

       nisauthconf takes a list of authentication mechanism's in order of preference.  An authentication mechanism may use one or more authentica-
       tion  flavors  listed  below.  If des is the only specified mechanism, then NIS+ only use AUTH_DES with other NIS+ clients and servers.	If
       des is the first mechanism, then other authentication mechanism's after des will be ignored  by	NIS+,  except  for  nisaddcred(1M).  After
       changing  the  mechanism  configuration, the keyserv(1M) daemon must be restarted. Note that doing so will remove encryption keys stored by
       the running keyserv process. This means that a reboot usually is the safest option when the mechanism configuration has been changed.

       The following mechanisms are available:

       +-----------------------------+-----------------------------+
       | Authentication mechanism    |	 Authentication Flavor	   |
       +-----------------------------+-----------------------------+
       |des			     |AUTH_DES			   |
       +-----------------------------+-----------------------------+
       |dh640-0 		     |RPCSEC_GSS  using   640-bit  |
       |			     |Diffie-Hellman keys	   |
       +-----------------------------+-----------------------------+
       |dh1024-0		     |RPCSEC_GSS  using  1024-bit  |
       |			     |Diffie-Hellman keys	   |
       +-----------------------------+-----------------------------+
       If no mechanisms are specified, then a list of currently configured mechanisms is printed.

OPTIONS

       -v	Displays a verbose table listing the currently configured authentication mechanisms.

EXAMPLES

       Example 1: Configuring a System with only RPCSEC_GSS Authentication Flavor

       To configure a system to use only the RPCSEC_GSS authentication flavor with 640-bit Diffie-Hellman keys, execute the following as root:

       example# /usr/lib/nis/nisauthconf dh640-0

       Example 2: Configuring a System with both RPCSEC_GSS and AUTH_DES Authentication Flavors

       To configure a system to use both RPCSEC_GSS (with 640-bit Diffie-Hellman keys) and AUTH_DES authentication flavors:

       example# /usr/lib/nis/nisauthconf dh640-0 des

       Example 3: Transitioning to Other Authentication Flavors

       The following example can be used while adding credentials for a new mechanism before NIS+ is authenticating with the new mechanism:

       example#  /usr/lib/nis/nisauthconf des dh640-0

       Note that except for nisaddcred(1M), NIS+ will not use mechanisms that follow 'des.'

EXIT STATUS

       The following exit values are returned:

       0	Successful completion.

       1	An error occurred.

FILES

       /etc/rpcsec/nisplussec.conf

	   NIS+ authentication configuration file. This file may change or be removed in future versions of Solaris.

ATTRIBUTES

       See attributes(5)  for descriptions of the following attributes:

       +-----------------------------+-----------------------------+
       |      ATTRIBUTE TYPE	     |	    ATTRIBUTE VALUE	   |
       +-----------------------------+-----------------------------+
       |Availability		     |SUNWnisu			   |
       +-----------------------------+-----------------------------+

SEE ALSO

       nis+(1), keyserv(1M), nisaddcred(1M), rpc.nisd(1M), attributes(5)

NOTES

       A NIS+ client of a server that is configured for either dh640-0 or dh1024-0 must run Solaris 7 or later, even if the server is also config-
       ured with des.

       NIS+  might  not  be  supported in future releases of the SolarisTM Operating Environment. Tools to aid the migration from NIS+ to LDAP are
       available in the Solaris 9 operating environment. For more information, visit http://www.sun.com/directory/nisplus/transition.html.

SunOS 5.10							    12 Dec 2001 						   nisauthconf(1M)
All times are GMT -4. The time now is 05:00 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy