System Administration Guide: Security Services
Previous Next

Document Information

Preface

Part I Security Overview

1.  Security Services (Overview)

Part II System, File, and Device Security

2.  Managing Machine Security (Overview)

3.  Controlling Access to Systems (Tasks)

4.  Virus Scanning Service (Tasks)

5.  Controlling Access to Devices (Tasks)

6.  Using the Basic Audit Reporting Tool (Tasks)

7.  Controlling Access to Files (Tasks)

Part III Roles, Rights Profiles, and Privileges

8.  Using Roles and Privileges (Overview)

9.  Using Role-Based Access Control (Tasks)

10.  Role-Based Access Control (Reference)

11.  Privileges (Tasks)

12.  Privileges (Reference)

Part IV Solaris Cryptographic Services

13.  Solaris Cryptographic Framework (Overview)

14.  Solaris Cryptographic Framework (Tasks)

15.  Solaris Key Management Framework

Part V Authentication Services and Secure Communication

16.  Using Authentication Services (Tasks)

17.  Using PAM

18.  Using SASL

19.  Using Solaris Secure Shell (Tasks)

Solaris Secure Shell (Overview)

Solaris Secure Shell Enhancements in the Solaris 10 Release

Solaris Secure Shell (Task Map)

Configuring Solaris Secure Shell (Task Map)

Configuring Solaris Secure Shell

Using Solaris Secure Shell (Task Map)

Using Solaris Secure Shell

20.  Solaris Secure Shell (Reference)

Part VI Kerberos Service

21.  Introduction to the Kerberos Service

22.  Planning for the Kerberos Service

23.  Configuring the Kerberos Service (Tasks)

24.  Kerberos Error Messages and Troubleshooting

25.  Administering Kerberos Principals and Policies (Tasks)

26.  Using Kerberos Applications (Tasks)

27.  The Kerberos Service (Reference)

Part VII Solaris Auditing

28.  Solaris Auditing (Overview)

29.  Planning for Solaris Auditing

30.  Managing Solaris Auditing (Tasks)

31.  Solaris Auditing (Reference)

Glossary

Index

Solaris Secure Shell Enhancements in the Solaris 10 Release

Since the Solaris 9 release, the following changes have been introduced to Solaris Secure Shell:

  • Solaris Secure Shell is based on OpenSSH 3.5p1. The Solaris implementation also includes features and bug fixes from versions up to OpenSSH 3.8p1.

  • The default value of X11Forwarding is yes in the /etc/ssh/sshd_config file.

  • The following keywords have been introduced:

    • GSSAPIAuthentication

    • GSSAPIKeyExchange

    • GSSAPIDelegateCredentials

    • GSSAPIStoreDelegatedCredentials

    • KbdInteractiveAuthentication

    The GSSAPI keywords enable Solaris Secure Shell to use GSS credentials for authentication. The KbdInteractiveAuthentication keyword supports arbitrary prompting and password changing in PAM. For a complete list of keywords and their default values, see Keywords in Solaris Secure Shell.

  • The ARCFOUR and AES128-CTR ciphers are now available. ARCFOUR is also known as RC4. The AES cipher is AES in counter mode.

  • The sshd daemon uses the variables in /etc/default/login and the login command. The /etc/default/login variables can be overridden by values in the sshd_config file. For more information, see Solaris Secure Shell and Login Environment Variables and the sshd_config(4) man page.
Previous Next