Solved

what is "Kerberos Security" in Solaris 10 and when is it used?

Posted on 2006-06-19
2
616 Views
Last Modified: 2013-12-21
I am installing Solaris 10 for the first time and have no experience installing unix OSs. Only thing I am good at is following directions. I intend to install and reinstall until I am confident enough with its configuration that I can colocate the box. Thus, security is a major concern for me, including concerns regarding someone having physical access of the drives should the box ever get stolen (thus, encryption of the data drives is of great interest to me).

The box is a Sun E250 dual processor, 512 mb RAM, 6 18 gb hard drives, 2 power supplies.

While installing Solaris 10, I am prompted with the following:


Specify Yes if the system will use the Kerberos security mechanism.

        Specify No if this system will use standard UNIX security.
      
            Configure Kerberos Security
            [ ] Yes
            [X] No

What exactly is "Kerberos Security", what advantages are there to using it and not using it, and would it benefit a system that will eventually be colocated?
0
Comment
Question by:TJonLongIsland
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Accepted Solution

by:
Nukfror earned 500 total points
ID: 16939017
For one definition look here:

http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci212437,00.html

Amont the pros of using Kerberos is better security in locking down your servers and services that user Kerberos.  One cons is Kerberos requires a highly-secure server that provides the tickets authorization and verification services (among other Kerberos tasks).  So to really get Kerberos working, you need to do LOTS of planning to make it work correctly.

If you're going to colo a server, I would suggest enabling IPFilter on Solaris 10 and using SSH.  If you want to get even more secure, then read about and utilize RBAC.


0
 

Author Comment

by:TJonLongIsland
ID: 16979492
I like your answer, and am about to close this question. I have a follow-up though, that I'll ask as a separate question.
0

Featured Post

Free Tool: SSL Checker

Scans your site and returns information about your SSL implementation and certificate. Helpful for debugging and validating your SSL configuration.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
FTP on FreeBSD server 2 152
cron job says it ran, no results 25 128
add some character at the end of line in vi 7 106
Showing a username in UNIX and using that name in the script 4 58
I have been running these systems for a few years now and I am just very happy with them.   I just wanted to share the manual that I have created for upgrades and other things.  Oooh yes! FreeBSD makes me happy (as a server), no maintenance and I al…
Using libpcap/Jpcap to capture and send packets on Solaris version (10/11) Library used: 1.      Libpcap (http://www.tcpdump.org) Version 1.2 2.      Jpcap(http://netresearch.ics.uci.edu/kfujii/Jpcap/doc/index.html) Version 0.6 Prerequisite: 1.      GCC …
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.

761 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question