Kerberos command, Kerberos and dsx, Table 61 kerberos commands – Raritan Computer DOMINION DSX-0N-E User Manual

Page 162

Advertising
background image

144

D

OMINION

SX

U

SER

G

UIDE

To view the current iptables ruleset
admin > Security >firewall >iptables –list


Clear the iptables rules
To clear the iptables rules.
admin > Security >firewall >iptables --flush

Save the configured settings
To save the iptables rules into the local database.
admin > Security >firewall >iptables-save

Execute this command once you have configured all the settings.

Kerberos Command

The kerberos command menu provides access to the commands used to configure the Kerberos
network authentication protocol. The Kerberos commands are listed in the table below.

Table 61 Kerberos Commands

C

OMMAND

D

ESCRIPTION

gethostnamefile

Get /etc/hosts in case of DNS failure file

getkrbconfig

Get kerberos 5 configuration file

kadmin

Kerberos admin client

kerberos

Kerberos based Network Authentication

kinit

get kerberos ticket

klist

list kerberos ticket


Kerberos and DSX
DSX can use kerberos authentication by using the following steps. As a result , Kerberos-based
network mutual authentication and symmetric [ a.k.a. private/secret] key cryptography can be
achieved in the CLI and GUI of the DSX for remote user authentication.

See

the

MIT Kerberos

website for information about Kerberos, KDC, Kadmind , client machine

setup, and the FAQs related to these topics.

1. Set your krb5.conf stanzas and ftp it using getkrbconfig [ configuration settings available

in : http://www.faqs.org/faqs/kerberos-faq/general/section-38.html ]

2. Get a ticket use : kinit.
3. Use kadmin to add the keys to /etc/krb5.keytab for HTTP/FQDN@REALM and

host/FQDN@REALM .These keys are consistent across boots.

4. Remote authentication and authorization can be set up along with Kerberos

authentication. HTTP and telnet access will prompt you to enter username and password.
Currently Kerberos does not automatically map to local or remote usernames.

5. Enable Kerberos.
6. After a reboot, DSX is ready for secure telnet and HTTP protocol remote access.

Diagnostic Tips:

• Use the name command in the network menu to set the FQDN for DSX.
• Disable HTTP redirect from the services menu.
• Synchronize the time of the client machine. DSX machine, KDC and kadmind machines

using time menu and ntp option.

Advertising
Popular Brands
Popular manuals