10 More Discussions You Might Find Interesting
1. Shell Programming and Scripting
Dear All,
Can someone help to command or program to transfer the file from windows to Unix server and from one unix server to another Unix server in secure way.
I would request no samba client. (4 Replies)
Discussion started by: yadavricky
4 Replies
2. Solaris
How can we make rdist to work over ssh? By default rdist works with rsh protocol which is now the host server is refuses to accept the rsh connection. How to find rdist version which I am running? How to upgrade it to latest version?
Working environment is solaris 9 and solaris 10. (1 Reply)
Discussion started by: naveenjami
1 Replies
3. UNIX for Dummies Questions & Answers
Hello All,
My Problem is -> How can we get UNIX id from open mail authentication (Windows ID) in UNIX.
In following command we are using domain name, which may change in your reference.
As, if we use following command.
ypcat passwd | grep rohitp | cut -d: -f5 | cut -d, -f1
=> we get... (0 Replies)
Discussion started by: pandey.rohit
0 Replies
4. HP-UX
Hello,
I am looking for either the rdist binaries or code for HPUX 11.11.
Thanks (1 Reply)
Discussion started by: rfisher001
1 Replies
5. Windows & DOS: Issues & Discussions
Can anyone tell me if there is a possibility to connect WindowsXP to Unix by means of an X-Window?
I want to do this graphical but I can't find a client with a reasonable pricetag on it. We now use WRQ Reflection to connect to a character-based programm on the unix box. But I would like to do... (2 Replies)
Discussion started by: fwalda
2 Replies
6. UNIX for Advanced & Expert Users
I am trying to synchronize to boxes running True64 Unix one as a live backup of the other for user directories.
When running rdist, I receive the message "Permission Denied" when each directory is accessed with the sole exception of my own directory.
This has to be an automated process which... (1 Reply)
Discussion started by: doug_hutch
1 Replies
7. UNIX for Dummies Questions & Answers
i recently install redhat linux as a dual boot with win2000. after i log in my unix account. i tried to get window unix by typing startx or xinit. both gave me error. display message among other thing was something like fatal error. any help?
thanks (12 Replies)
Discussion started by: bb00y
12 Replies
8. UNIX for Advanced & Expert Users
Does anyone know of any known bugs/issues with the RDIST utility on HP unix?
I am trying to set up replication between two servers. All seems to work okay to start with, but the rdist program always terminates with a value of 1 - i.e. signifying an error. However - no error message or even warning... (1 Reply)
Discussion started by: man_with_no_nam
1 Replies
9. IP Networking
Is there any way that I could invoke a Win NT application in a UNIX environment?
Needed to do this to direct the output of an Win NT application to a UNIX program, and then back again. Furthermore, because there's a large amount of processing to be done, it will be great if I could do this... (1 Reply)
Discussion started by: Norman N
1 Replies
10. UNIX for Dummies Questions & Answers
Hi i am new to Unix and i was wondering if you could help me with 2 problems i have?
Firstly i use Telnet to connect to my main server unix-shells.com and i want to know how i can use the "window" program?
i understand how it works but i want to be able to easily make new windows and hide the... (1 Reply)
Discussion started by: ditoa
1 Replies
krb5_auth_rules(5) Standards, Environments, and Macros krb5_auth_rules(5)
NAME
krb5_auth_rules - Overview of Kerberos V5 authorization
DESCRIPTION
When a user uses kerberized versions of the ftp, rdist, rcp, rlogin, rsh, or telnet clients to connect to a server, even if the user's
claimed Kerberos V5 identity is authenticated, the user is not necessarily authorized. Authentication merely proves that the user is "who
he says he is" to the Kerberos V5 authentication system. Authorization also needs to be done, since it determines if that Kerberos identity
is permitted to access the Solaris user account that the client wants to access.
Each user may have a private authorization list in a file ~/.k5login in his login directory (on the server). Each line in this file should
contain a Kerberos principal name of the form principal/instance@realm. If the server finds a ~/.k5login file, then access is granted to
the account if and only if the originating user is authenticated to one of the principals named in the ~/.k5login file.
If there is no ~/.k5login file, the originating user will then be checked against the gsscred table (see gsscred(1M)). If the originating
user's Kerberos V5 identity is in the gsscred table, and if the UNIX user id in the gsscred table corresponds to the user account the
client is trying access, then the originating user is granted access to the account on the server. If the UNIX user id does not match, then
the originating user is denied access.
For example, suppose the originating user has a principal name of jdb@ENG.ACME.COM and the target account is jdb-user. If jdb@ENG.ACME.COM
appears in the gsscred table with uid 23154 and if jdb-user appears in the user account database (see passwd(4)) with uid 23154, then
access to account jdb-user is granted. Of course, normally, the target account name in this example would be jdb and not jdb-user.
Finally, if there is no ~/.k5login file and if the originating user's Kerberos V5 identity is not in the gsscred table, then the user will
be granted access to the account if and only if all of the following are true:
o The user part of the authenticated principal name is the same as the target account name specified by the client.
o The realm part of the client and server are the same.
o The target account name exists on the server.
For example, if the originating user has a principal name of jdb@ENG.ACME.COM and if the server is in realm SALES.ACME.COM, then even if
jdb is a valid account name on the server, the client would be denied access. This is because the realms SALES.ACME.COM and ENG.ACME.COM
differ.
FILES
~/.k5login Per user-account authorization file.
/etc/passwd System account file. This information may also be in a directory service. See passwd(4).
ATTRIBUTES
See attributes(5) for a description of the following attributes:
+-----------------------------+-----------------------------+
| ATTRIBUTE TYPE | ATTRIBUTE VALUE |
+-----------------------------+-----------------------------+
|Interface Stability |Evolving |
+-----------------------------+-----------------------------+
SEE ALSO
ftp(1), rcp(1), rdist(1), rlogin(1), rsh(1), telnet(1), gsscred(1M), passwd(4), attributes(5), gss_auth_rules(5)
NOTES
To avoid security problems, the ~/.k5login file must be owned by the remote user.
SunOS 5.10 13 Apr 2004 krb5_auth_rules(5)