| Document Information Preface Part I Security Overview 1.  Security Services (Overview) Part II System, File, and Device Security 2.  Managing Machine Security (Overview) 3.  Controlling Access to Systems (Tasks) 4.  Virus Scanning Service (Tasks) 5.  Controlling Access to Devices (Tasks) 6.  Using the Basic Audit Reporting Tool (Tasks) 7.  Controlling Access to Files (Tasks) Part III Roles, Rights Profiles, and Privileges 8.  Using Roles and Privileges (Overview) 9.  Using Role-Based Access Control (Tasks) 10.  Role-Based Access Control (Reference) 11.  Privileges (Tasks) 12.  Privileges (Reference) Part IV Solaris Cryptographic Services 13.  Solaris Cryptographic Framework (Overview) 14.  Solaris Cryptographic Framework (Tasks) 15.  Solaris Key Management Framework Part V Authentication Services and Secure Communication 16.  Using Authentication Services (Tasks) 17.  Using PAM 18.  Using SASL 19.  Using Solaris Secure Shell (Tasks) 20.  Solaris Secure Shell (Reference) Part VI Kerberos Service 21.  Introduction to the Kerberos Service 22.  Planning for the Kerberos Service 23.  Configuring the Kerberos Service (Tasks) 24.  Kerberos Error Messages and Troubleshooting 25.  Administering Kerberos Principals and Policies (Tasks) 26.  Using Kerberos Applications (Tasks) 27.  The Kerberos Service (Reference) Part VII Solaris Auditing 28.  Solaris Auditing (Overview) 29.  Planning for Solaris Auditing 30.  Managing Solaris Auditing (Tasks) 31.  Solaris Auditing (Reference) Glossary Index |       	 
             I
-I option
bart create command, How to Create a Manifestst_clean script, Device-Clean Scripts 
-i option
bart create command
How to Create a ManifestHow to Compare Manifests for the Same System Over Timeencrypt command, How to Encrypt and Decrypt a Filest_clean script, Device-Clean Scripts 
identity files (Solaris Secure Shell), naming conventions, Solaris Secure Shell Files 
IdentityFile keyword, ssh_config file, Keywords in Solaris Secure Shell 
IDs
audit
audit session, Process Audit Characteristicsmechanism, Process Audit Characteristicsoverview, What Is Auditing?mapping UNIX to Kerberos principals, Using the gsscred Table 
IgnoreRhosts keyword, sshd_config file, Keywords in Solaris Secure Shell 
IgnoreUserKnownHosts keyword, sshd_config file, Keywords in Solaris Secure Shell 
import subcommand, pktool command, How to Import a Certificate Into Your Keystore 
in_addr audit token, format, in_addr Token 
in.ftpd daemon, Kerberos and, Kerberos Daemons 
in.rlogind daemon, Kerberos and, Kerberos Daemons 
in.rshd daemon, Kerberos and, Kerberos Daemons 
in.telnetd daemon, Kerberos and, Kerberos Daemons 
include control flag, PAM, How PAM Stacking Works 
inheritable privilege set, How Privileges Are Implemented 
initial ticket, definition, Types of Tickets 
install subcommand, cryptoadm command, How to Add a Software Provider 
installing
password encryption module, How to Install a Password Encryption Module From a Third Partyproviders in cryptographic framework, Plugins to the Solaris Cryptographic Framework 
instance, in principal names, Kerberos Principals 
integrity
Kerberos and, What Is the Kerberos Service?security service, Kerberos Security Services 
interactively configuring
Kerberos
master KDC server, How to Interactively Configure a Master KDCslave KDC server, How to Interactively Configure a Slave KDC 
INTERNAL plug-in, SASL and, SASL Plug-ins 
Internet firewall setup, Firewall Systems 
Internet-related tokens
in_addr token, in_addr Tokenip token, ip Token (Obsolete)iport token, iport Tokensocket token, socket Token 
invalid ticket, definition, Types of Tickets 
ioctl audit class, Definitions of Audit Classes 
ioctl() system calls, Definitions of Audit Classes
AUDIO_SETINFO(), Device-Clean Scripts 
IP addresses, Solaris Secure Shell checking, Keywords in Solaris Secure Shell 
ip audit token, format, ip Token (Obsolete) 
IP MIB-II, getting information from /dev/arp, How to Retrieve IP MIB-II Information From a /dev/* Device 
ipc audit class, Definitions of Audit Classes 
ipc audit token, ipc Token
format, ipc Token 
ipc_perm audit token, format, ipc_perm Token 
IPC privileges, Privilege Descriptions 
ipc type field values (ipc token), ipc Token 
iport audit token, format, iport Token 
item size field, arbitrary token, arbitrary Token  (Obsolete) JK
-k option
encrypt command, How to Encrypt and Decrypt a FileKerberized commands, Overview of Kerberized Commandsmac command, How to Compute a MAC of a File 
-K option
encrypt command, How to Encrypt and Decrypt a Filemac command, How to Compute a MAC of a FileKerberized commands, Overview of Kerberized Commandsusermod command, How to Assign Privileges to a User or Role 
.k5.REALM file, description, Kerberos Files 
.k5login file
description
Granting Access to Your AccountKerberos Filesrather than revealing password, Granting Access to Your Account 
kadm5.acl file
description, Kerberos Filesformat of entries, How to Modify the Kerberos Administration Privilegesmaster KDC entry
How to Configure a Master KDCHow to Configure a KDC to Use an LDAP Data ServerHow to Swap a Master KDC and a Slave KDCnew principals and
How to Create a New Kerberos PrincipalHow to Duplicate a Kerberos Principal 
kadm5.keytab file
description
Administering Keytab FilesKerberos Files 
kadmin command
creating host principal
How to Configure a Master KDCHow to Configure a KDC to Use an LDAP Data Serverdescription, Kerberos Commandsktadd command, How to Add a Kerberos Service Principal to a Keytab Filektremove command, How to Remove a Service Principal From a Keytab Fileremoving principals from keytab with, How to Remove a Service Principal From a Keytab FileSEAM Administration Tool and, Ways to Administer Kerberos Principals and Policies 
kadmin.local command
adding administration principals
How to Configure a Master KDCHow to Configure a KDC to Use an LDAP Data Serverautomating creation of principals, Automating the Creation of New Kerberos Principalscreating keytab file
How to Configure a Master KDCHow to Configure a KDC to Use an LDAP Data Serverdescription, Kerberos Commands 
kadmin.log file, description, Kerberos Files 
kadmind daemon
Kerberos and, Kerberos Daemonsmaster KDC and, Kerberos-Specific Terminology 
kadmind principal, Administering Keytab Files 
kbd file, How to Disable a System's Abort Sequence 
KbdInteractiveAuthentication keyword, Solaris Secure Shell, Keywords in Solaris Secure Shell 
kcfd daemon, How to Refresh or Restart All Cryptographic Services 
kclient command, description, Kerberos Commands 
kdb5_ldap_util command, description, Kerberos Commands 
kdb5_util command
creating KDC database, How to Configure a Master KDCcreating stash file
How to Configure a Slave KDCHow to Configure a Slave KDC to Use Full Propagationdescription, Kerberos Commands 
KDC
backing up and propagating, Backing Up and Propagating the Kerberos Databaseconfiguring master
configuring slaveautomatic, How to Automatically Configure a Master KDCinteractive, How to Interactively Configure a Master KDCmanual, How to Configure a Master KDCwith LDAP, How to Configure a KDC to Use an LDAP Data Server 
copying administration files from slave to masterautomatic, How to Automatically Configure a Slave KDCinteractive, How to Interactively Configure a Slave KDCmanual, How to Configure a Slave KDC 
How to Configure a Slave KDCHow to Configure a Slave KDC to Use Full Propagationcreating database, How to Configure a Master KDCcreating host principal
How to Configure a Master KDCHow to Configure a KDC to Use an LDAP Data Serverdatabase propagation, Which Database Propagation System to Usemaster
planning, The Number of Slave KDCsdefinition, Kerberos-Specific Terminologyports, Ports for the KDC and Admin Servicesrestricting access to servers, How to Restrict Access to KDC Serversslave, The Number of Slave KDCs
slave or masterdefinition, Kerberos-Specific Terminology 
Kerberos ServersConfiguring KDC Serversstarting daemon
How to Configure a Slave KDCHow to Configure a Slave KDC to Use Full Propagationswapping master and slave, Swapping a Master KDC and a Slave KDCsynchronizing clocks
master KDC
How to Configure a Master KDCHow to Configure a KDC to Use an LDAP Data Serverslave KDC
How to Configure a Slave KDCHow to Configure a Slave KDC to Use Full Propagation 
kdc.conf file
description, Kerberos Filesticket lifetime and, Ticket Lifetimes 
kdc.log file, description, Kerberos Files 
kdcmgr command
configuring master
configuring slaveautomatic, How to Automatically Configure a Master KDCinteractive, How to Interactively Configure a Master KDC 
server status, How to Interactively Configure a Master KDCautomatic, How to Automatically Configure a Slave KDCinteractive, How to Interactively Configure a Slave KDC 
kdestroy command
example, Destroying Kerberos TicketsKerberos and, Kerberos Commands 
KeepAlive keyword, Solaris Secure Shell, Keywords in Solaris Secure Shell 
Kerberos
administering, Administering Kerberos Principals and Policies (Tasks)Administration Tool
commandsSee SEAM Administration Tool 
Kerberos User CommandsKerberos Commandscomponents of, Kerberos Componentsconfiguration decisions, Planning for the Kerberos Serviceconfiguring KDC servers, Configuring KDC Serversdaemons, Kerberos Daemonsenabling Kerberized applications only, How to Enable Only Kerberized Applicationsencryption types
error messages, Kerberos Error Messagesoverview, Kerberos Encryption Typesusing, Using Kerberos Encryption Typesexamples of using Kerberized commands, Using Kerberized Commands (Examples)files, Kerberos Filesgaining access to server, Gaining Access to a Service Using Kerberosgranting access to your account, Granting Access to Your AccountKerberos V5 protocol, What Is the Kerberos Service?online help, Online Help URL in the Graphical Kerberos Administration Tooloptions to Kerberized commands, Overview of Kerberized Commandsoverview
password management, Kerberos Password Managementauthentication system
How the Kerberos Service WorksHow the Kerberos Authentication System WorksKerberized commands, Overview of Kerberized Commandsplanning for, Planning for the Kerberos Servicerealms
reference, The Kerberos Service (Reference)See realms (Kerberos)remote applications, The Kerberos Remote Applicationstable of network command options, Overview of Kerberized Commandsterminology
Kerberos TerminologyKerberos-Specific Terminologytroubleshooting, Kerberos Troubleshootingusing, Using Kerberos Applications (Tasks) 
Kerberos authentication, and Secure RPC, Kerberos Authentication 
Kerberos commands, Kerberos User Commands
enabling only Kerberized, How to Enable Only Kerberized Applicationsexamples, Using Kerberized Commands (Examples) 
kern.notice entry, syslog.conf file, Preventing Executable Files From Compromising Security 
kernel providers, listing, How to List Available Providers 
Key Distribution Center, See KDC 
key management framework (KMF), See KMF 
KEYBOARD_ABORT system variable, How to Disable a System's Abort Sequence 
keylogin command
use for Secure RPC, Implementation of Diffie-Hellman Authenticationverifying DH authentication setup, How to Set Up a Diffie-Hellman Key for an NIS+ Host 
KeyRegenerationInterval keyword, sshd_config file, Keywords in Solaris Secure Shell 
keys
creating DH key for NIS user, How to Set Up a Diffie-Hellman Key for an NIS Usercreating for Solaris Secure Shell, How to Generate a Public/Private Key Pair for Use With Solaris Secure Shelldefinition in Kerberos, Authentication-Specific Terminologygenerating for Solaris Secure Shell, How to Generate a Public/Private Key Pair for Use With Solaris Secure Shellgenerating symmetric key
service key, Administering Keytab Filesusing the dd command, How to Generate a Symmetric Key by Using the dd Commandusing the pktool command, How to Generate a Symmetric Key by Using the pktool Commandsession keys
using for MAC, How to Compute a MAC of a FileKerberos authentication and, How the Kerberos Authentication System Works 
keyserv daemon, How to Restart the Secure RPC Keyserver 
keyserver
description, Implementation of Diffie-Hellman Authenticationstarting, How to Restart the Secure RPC Keyserver 
keystores
exporting certificates, How to Export a Certificate and Private Key in PKCS #12 Formatimporting certificates, How to Import a Certificate Into Your Keystorelisting contents, How to Create a Certificate by Using the pktool gencert Commandmanaged by KMF, Key Management Framework Utilitiesprotecting with password in KMF, How to Generate a Passphrase by Using the pktool setpin Command 
keytab file
adding master KDC's host principal to
How to Configure a Master KDCHow to Configure a KDC to Use an LDAP Data Serveradding service principal to
Administering Keytab FilesHow to Add a Kerberos Service Principal to a Keytab Fileadministering, Administering Keytab Filesadministering with ktutil command, Administering Keytab Filescreating
How to Configure a Master KDCHow to Configure a KDC to Use an LDAP Data Serverdisabling a host's service with delete_entry command, How to Temporarily Disable Authentication for a Service on a Hostread into keytab buffer with read_kt command
How to Display the Keylist (Principals) in a Keytab FileHow to Temporarily Disable Authentication for a Service on a Hostremoving principals with ktremove command, How to Remove a Service Principal From a Keytab Fileremoving service principal from, How to Remove a Service Principal From a Keytab Fileviewing contents with ktutil command
How to Remove a Service Principal From a Keytab FileHow to Display the Keylist (Principals) in a Keytab Fileviewing keylist buffer with list command
How to Display the Keylist (Principals) in a Keytab FileHow to Temporarily Disable Authentication for a Service on a Host 
keytab option, SASL and, SASL Options 
keywords
See also specific keywordattribute in BART, Rules File Attributescommand-line overrides in Solaris Secure Shell, Solaris Secure Shell CommandsSolaris Secure Shell, Keywords in Solaris Secure Shell 
kgcmgr command, description, Kerberos Commands 
kinit command
example, Creating a Kerberos Ticket-F option, Creating a Kerberos TicketKerberos and, Kerberos Commandsticket lifetime, Ticket Lifetimes 
klist command
example, Viewing Kerberos Tickets-f option, Viewing Kerberos TicketsKerberos and, Kerberos Commands 
KMF
adding plugin, How to Manage Third-Party Plugins in KMFcreating
exporting certificates, How to Export a Certificate and Private Key in PKCS #12 Formatpassphrases for keystores, KMF Keystore Managementpassword for keystore, How to Generate a Passphrase by Using the pktool setpin Commandself-signed certificate, How to Create a Certificate by Using the pktool gencert Commandimporting certificates into keystore, How to Import a Certificate Into Your Keystorelibrary, Managing Public Key Technologieslisting plugins, How to Manage Third-Party Plugins in KMFmanaging
removing plugin, How to Manage Third-Party Plugins in KMFkeystores, KMF Keystore ManagementPKI policy, KMF Policy Managementplugins, KMF Plugin Managementpublic key technologies (PKI), Managing Public Key Technologiesutilities, Key Management Framework Utilities 
kmfcfg command
list plugin subcommand, How to Manage Third-Party Plugins in KMFplugin subcommands
Managing Public Key TechnologiesKMF Plugin Management 
known_hosts file
controlling distribution, Maintaining Known Hosts in Solaris Secure Shelldescription, Solaris Secure Shell Files 
Korn shell, privileged version, Profile Shell in RBAC 
kpasswd command
error message, Changing Your Passwordexample, Changing Your PasswordKerberos and, Kerberos Commandspasswd command and, Changing Your Password 
kprop command, description, Kerberos Commands 
kpropd.acl file, description, Kerberos Files 
kpropd daemon, Kerberos and, Kerberos Daemons 
kproplog command, description, Kerberos Commands 
krb5.conf file
description, Kerberos Filesdomain_realm section, Mapping Host Names Onto Realmsediting
How to Configure a Master KDCHow to Configure a KDC to Use an LDAP Data Serverports definition, Ports for the KDC and Admin Services 
krb5.keytab file, description, Kerberos Files 
krb5cc_uid file, description, Kerberos Files 
krb5kdc daemon
Kerberos and, Kerberos Daemonsmaster KDC and, Kerberos-Specific Terminologystarting
How to Configure a Slave KDCHow to Configure a Slave KDC to Use Full Propagation 
ksh command, privileged version, Profile Shell in RBAC 
ktadd command
adding service principal
Administering Keytab FilesHow to Add a Kerberos Service Principal to a Keytab Filesyntax, How to Add a Kerberos Service Principal to a Keytab File 
ktkt_warnd daemon, Kerberos and, Kerberos Daemons 
ktremove command, How to Remove a Service Principal From a Keytab File 
ktutil command
administering keytab file, Administering Keytab Filesdelete_entry command, How to Temporarily Disable Authentication for a Service on a HostKerberos and, Kerberos Commandslist command
How to Display the Keylist (Principals) in a Keytab FileHow to Temporarily Disable Authentication for a Service on a Hostread_kt command
How to Display the Keylist (Principals) in a Keytab FileHow to Temporarily Disable Authentication for a Service on a Hostviewing list of principals
How to Remove a Service Principal From a Keytab FileHow to Display the Keylist (Principals) in a Keytab File |