?
Solved

what is "Kerberos Security" in Solaris 10 and when is it used?

Posted on 2006-06-19
2
Medium Priority
?
621 Views
Last Modified: 2013-12-21
I am installing Solaris 10 for the first time and have no experience installing unix OSs. Only thing I am good at is following directions. I intend to install and reinstall until I am confident enough with its configuration that I can colocate the box. Thus, security is a major concern for me, including concerns regarding someone having physical access of the drives should the box ever get stolen (thus, encryption of the data drives is of great interest to me).

The box is a Sun E250 dual processor, 512 mb RAM, 6 18 gb hard drives, 2 power supplies.

While installing Solaris 10, I am prompted with the following:


Specify Yes if the system will use the Kerberos security mechanism.

        Specify No if this system will use standard UNIX security.
      
            Configure Kerberos Security
            [ ] Yes
            [X] No

What exactly is "Kerberos Security", what advantages are there to using it and not using it, and would it benefit a system that will eventually be colocated?
0
Comment
Question by:TJonLongIsland
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
2 Comments
 
LVL 10

Accepted Solution

by:
Nukfror earned 2000 total points
ID: 16939017
For one definition look here:

http://searchsecurity.techtarget.com/sDefinition/0,,sid14_gci212437,00.html

Amont the pros of using Kerberos is better security in locking down your servers and services that user Kerberos.  One cons is Kerberos requires a highly-secure server that provides the tickets authorization and verification services (among other Kerberos tasks).  So to really get Kerberos working, you need to do LOTS of planning to make it work correctly.

If you're going to colo a server, I would suggest enabling IPFilter on Solaris 10 and using SSH.  If you want to get even more secure, then read about and utilize RBAC.


0
 

Author Comment

by:TJonLongIsland
ID: 16979492
I like your answer, and am about to close this question. I have a follow-up though, that I'll ask as a separate question.
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hello fellow BSD lovers, I've created a patch process for patching openjdk6 for BSD (FreeBSD specifically), although I tried to keep all BSD versions in mind when creating my patch. Welcome to OpenJDK6 on BSD First let me start with a little …
Every server (virtual or physical) needs a console: and the console can be provided through hardware directly connected, software for remote connections, local connections, through a KVM, etc. This document explains the different types of consol…
Learn how to get help with Linux/Unix bash shell commands. Use help to read help documents for built in bash shell commands.: Use man to interface with the online reference manuals for shell commands.: Use man to search man pages for unknown command…
In a previous video, we went over how to export a DynamoDB table into Amazon S3.  In this video, we show how to load the export from S3 into a DynamoDB table.
Suggested Courses

801 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question