10 More Discussions You Might Find Interesting
1. Solaris
I have a disk failure in a V280, the support tech asked for explorer output and rsc information
sc>showsc
rsc>environment
rsc>loghistory
rsc>consolehistory
rsc>version -v
since RSC is not a secure connection, I am not comfortable with providing this information for a disk... (2 Replies)
Discussion started by: baumer11
2 Replies
2. Solaris
Does anyone know where to get these on Oracle's support site or elsewhere? (7 Replies)
Discussion started by: LittleLebowski
7 Replies
3. Solaris
Hi All, ;)
I have configured rsc hosted on Sun-Fire-V490.
But I am not able to telnet this machine
Packages installed :
#pkginfo -l | grep SUNWrsc
PKGINST: SUNWrsc
PKGINST: SUNWrscd
PKGINST: SUNWrscj
I rebooted system but still I' not able to take rsc.
I am not... (3 Replies)
Discussion started by: tuxian
3 Replies
4. Solaris
All,
I have a unique situation concerning RSC cards and would like to see if anyone has a solution. Here is the situation:
We are migrating older versions of Solaris using ufsdump images to like older hardware. We basically installed a temporary Solaris O/S then copied the dumps over and... (5 Replies)
Discussion started by: sljack
5 Replies
5. Solaris
Hi everyone,
I've been reading across to configure the RSC that came with my SunFire v890 (along time ago) but I think there are several points I don't completely understand.
First, I think I need a new IP address for the RSC, right? where should I attach the RSC? to my network (the same as the... (2 Replies)
Discussion started by: gcrespo
2 Replies
6. Solaris
Hi All
I have done a reboot for SUN Solaris 8 ( model SUNFIRE 280R)
but i havent got the OK prompt i only got the following:
RSC2 POST - Version 10-18-2000 0.7
Dual Port Memory Test, PASSED.
TTY External - Internal Loopback Test
TTY External - Internal Loopback Test, PASSED.
... (3 Replies)
Discussion started by: alaa75
3 Replies
7. Solaris
Dear All,
Can any body help me how to configure the RSC in solaris9.
Thanks and Regards, (1 Reply)
Discussion started by: lbreddy
1 Replies
8. Solaris
Hi All,
Please send the configuration for RSC in solaris.
Thanks and Regards, (3 Replies)
Discussion started by: lbreddy
3 Replies
9. UNIX for Dummies Questions & Answers
Hi I have a SUN box that i am supporting Model 480r . The RS card that is attached to it is giving some problems . It is pinging but i am unable to telnet into it therefore having no remote TC console access ( the system is currently up )
Is there a way by which i can remotely check the... (1 Reply)
Discussion started by: Sam4u
1 Replies
10. Solaris
When I try to connect to a RSC console using the serial port by modem, I can connect but I can't type username neither password because the screen scrolls up. At the loghistory shows the message: RSC Login failure.
Using serial without modem, it works well. (2 Replies)
Discussion started by: Livio
2 Replies
LEARN ABOUT DEBIAN
krb5_auth_rules
krb5_auth_rules(5) Standards, Environments, and Macros krb5_auth_rules(5)
NAME
krb5_auth_rules - Overview of Kerberos V5 authorization
DESCRIPTION
When a user uses kerberized versions of the ftp, rdist, rcp, rlogin, rsh, or telnet clients to connect to a server, even if the user's
claimed Kerberos V5 identity is authenticated, the user is not necessarily authorized. Authentication merely proves that the user is "who
he says he is" to the Kerberos V5 authentication system. Authorization also needs to be done, since it determines if that Kerberos identity
is permitted to access the Solaris user account that the client wants to access.
Each user may have a private authorization list in a file ~/.k5login in his login directory (on the server). Each line in this file should
contain a Kerberos principal name of the form principal/instance@realm. If the server finds a ~/.k5login file, then access is granted to
the account if and only if the originating user is authenticated to one of the principals named in the ~/.k5login file.
If there is no ~/.k5login file, the originating user will then be checked against the gsscred table (see gsscred(1M)). If the originating
user's Kerberos V5 identity is in the gsscred table, and if the UNIX user id in the gsscred table corresponds to the user account the
client is trying access, then the originating user is granted access to the account on the server. If the UNIX user id does not match, then
the originating user is denied access.
For example, suppose the originating user has a principal name of jdb@ENG.ACME.COM and the target account is jdb-user. If jdb@ENG.ACME.COM
appears in the gsscred table with uid 23154 and if jdb-user appears in the user account database (see passwd(4)) with uid 23154, then
access to account jdb-user is granted. Of course, normally, the target account name in this example would be jdb and not jdb-user.
Finally, if there is no ~/.k5login file and if the originating user's Kerberos V5 identity is not in the gsscred table, then the user will
be granted access to the account if and only if all of the following are true:
o The user part of the authenticated principal name is the same as the target account name specified by the client.
o The realm part of the client and server are the same.
o The target account name exists on the server.
For example, if the originating user has a principal name of jdb@ENG.ACME.COM and if the server is in realm SALES.ACME.COM, then even if
jdb is a valid account name on the server, the client would be denied access. This is because the realms SALES.ACME.COM and ENG.ACME.COM
differ.
FILES
~/.k5login Per user-account authorization file.
/etc/passwd System account file. This information may also be in a directory service. See passwd(4).
ATTRIBUTES
See attributes(5) for a description of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO
ftp(1), rcp(1), rdist(1), rlogin(1), rsh(1), telnet(1), gsscred(1M), passwd(4), attributes(5), gss_auth_rules(5)
NOTES
To avoid security problems, the ~/.k5login file must be owned by the remote user.
SunOS 5.10 13 Apr 2004 krb5_auth_rules(5)