C

-C option, auditreduce command, How to Merge Audit Files From the Audit Trail

C shell, privileged version, Profile Shells and RBAC

-c option

auditrecord command, How to Display Audit Record Definitions

auditreduce command, How to Select Audit Events From the Audit Trail

cache, credential, How the Kerberos Authentication System Works

canon_user_plugin option, SASL and, SASL Options

caret (^)

in audit class prefixes

How to Configure a User's Audit Characteristics

How to Find Audit Records of Changes to Specific Files

using prefix in audit_flags value, How to Configure a User's Audit Characteristics

CD-ROM drives

allocating, How to Mount an Allocated Device

security, Device-Clean Scripts

cdrw command, authorizations required, Selected Commands That Require Authorizations

certificate signing requests (CSR), See certificates

certificates

exporting for use by another system, How to Export a Certificate and Private Key in PKCS #12 Format

generating with pktool gencert command, How to Create a Certificate by Using the pktool gencert Command

importing into keystore, How to Import a Certificate Into Your Keystore

signing PKCS #10 CSR

using the pktool command, How to Sign a Certificate Request by Using the pktool signcsr Command

ChallengeResponseAuthentication keyword, See KbdInteractiveAuthentication keyword

changing

allocatable devices, How to Change Which Devices Can Be Allocated

audit_class file, How to Add an Audit Class

audit_event file, How to Change an Audit Event's Class Membership

auditing defaults, How to Preselect Audit Classes

default password algorithm, Changing the Default Algorithm for Password Encryption (Tasks)

file ownership, How to Change the Owner of a File

file permissions

absolute mode, How to Change File Permissions in Absolute Mode

special, How to Change Special File Permissions in Absolute Mode

symbolic mode, How to Change File Permissions in Symbolic Mode

group ownership of file, How to Change Group Ownership of a File

NFS secret keys, Implementation of Diffie-Hellman Authentication

passphrase for Secure Shell, How to Change the Passphrase for a Secure Shell Private Key

password algorithm for a domain, How to Specify a New Password Algorithm for an NIS Domain

password algorithm task map, Changing the Default Algorithm for Password Encryption (Tasks)

password of role, How to Change the Password of a Role

properties of role, How to Change the Security Attributes of a Role

rights profile contents, How to Create a Rights Profile

root password, How to Change the root Password

root role into user, How to Change the root Role Into a User

special file permissions, How to Change Special File Permissions in Absolute Mode

your password with kpasswd, Changing Your Password

your password with passwd, Changing Your Password

CheckHostIP keyword, ssh_config file, Keywords in Secure Shell

chgrp command

description, Commands for Viewing and Securing Files

syntax, How to Change Group Ownership of a File

chkey command

Implementation of Diffie-Hellman Authentication

How to Set Up a Diffie-Hellman Key for an NIS User

chmod command

changing special permissions

How to Change Special File Permissions in Absolute Mode

How to Change Special File Permissions in Absolute Mode

description, Commands for Viewing and Securing Files

syntax, How to Change Special File Permissions in Absolute Mode

choosing, your password, Advice on Choosing a Password

chown command, description, Commands for Viewing and Securing Files

chroot directory, sftp and, How to Create an Isolated Directory for sftp Files

ChrootDirectory keyword, ssh_config file, Keywords in Secure Shell

Cipher keyword, ssh_config file, Keywords in Secure Shell

Ciphers keyword, Secure Shell, Keywords in Secure Shell

classes, See audit classes

cleaning up, binary audit files, How to Clean Up a not_terminated Audit File

clear protection level, Overview of Kerberized Commands

ClearAllForwardings keyword, Secure Shell port forwarding, Keywords in Secure Shell

client names, planning for in Kerberos, Client and Service Principal Names

ClientAliveCountMax keyword, ssh_config file, Keywords in Secure Shell

ClientAliveInterval keyword, ssh_config file, Keywords in Secure Shell

clients

AUTH_DH client-server session, Implementation of Diffie-Hellman Authentication

configuring for Secure Shell

Session Characteristics in Secure Shell

Client Configuration in Secure Shell

configuring Kerberos, Configuring Kerberos Clients

definition in Kerberos, Authentication-Specific Terminology

clntconfig principal

creating

How to Manually Configure a Master KDC

How to Configure a KDC to Use an LDAP Data Server

clock skew

Kerberos and, Synchronizing Clocks Between KDCs and Kerberos Clients

Kerberos planning and, Clock Synchronization Within a Realm

clock synchronizing

Kerberos master KDC and

How to Manually Configure a Master KDC

How to Configure a KDC to Use an LDAP Data Server

Kerberos planning and, Clock Synchronization Within a Realm

Kerberos slave KDC and, How to Manually Configure a Slave KDC

Kerberos slave server and, How to Configure a Slave KDC to Use Full Propagation

cloning, rights profile contents, How to Clone and Modify a System Rights Profile

cmd audit token, cmd Token

cnt audit policy

description, Understanding Audit Policy

with ahlt policy, Audit Policies for Asynchronous and Synchronous Events

combining audit files

auditreduce command, How to Merge Audit Files From the Audit Trail

from different zones, Auditing and Oracle Solaris Zones

command execution, Secure Shell, Command Execution and Data Forwarding in Secure Shell

command-line equivalents of SEAM Tool, Command-Line Equivalents of the SEAM Tool

commands

See also individual commands

Cryptographic Framework commands, Administrative Commands in the Cryptographic Framework

determining user's privileged commands, How to Determine the Privileged Commands That You Can Run

device allocation commands, Device Allocation Commands

device policy commands, Device Policy Commands

file protection commands, Commands for Viewing and Securing Files

for administering privileges, Administrative Commands for Handling Privileges

Kerberos, Kerberos Commands

RBAC administration commands, Commands That Manage RBAC

Secure RPC commands, Implementation of Diffie-Hellman Authentication

Secure Shell commands, Secure Shell Commands

that assign privileges, Assigning Privileges

that check for privileges, Applications That Check for Privileges

user-level cryptographic commands, User-Level Commands in the Cryptographic Framework

common keys

calculating, Implementation of Diffie-Hellman Authentication

DH authentication and, Diffie-Hellman Authentication and Secure RPC

components

BART, BART Components

device allocation mechanism, Components of Device Allocation

RBAC, RBAC Elements and Basic Concepts

Secure Shell user session, Command Execution and Data Forwarding in Secure Shell

compressing, audit files on disk, How to Compress Audit Files on a Dedicated File System

Compression keyword, Secure Shell, Keywords in Secure Shell

CompressionLevel keyword, ssh_config file, Keywords in Secure Shell

Computer Emergency Response Team/Coordination Center (CERT/CC), Reporting Security Problems

computer security, See system security

computing

DH key, How to Set Up a Diffie-Hellman Key for an NIS Host

digest of a file, How to Compute a Digest of a File

MAC of a file, How to Compute a MAC of a File

secret key, How to Generate a Symmetric Key by Using the pktool Command

configuration decisions

auditing

file storage, How to Plan Disk Space for Audit Records

policy, Understanding Audit Policy

remote file storage, How to Prepare to Stream Audit Records to Remote Storage

who and what to audit, How to Plan Who and What to Audit

zones, How to Plan Auditing in Zones

Kerberos

client and service principal names, Client and Service Principal Names

clients, Client Configuration Options

clock synchronization, Clock Synchronization Within a Realm

database propagation, Which Database Propagation System to Use

encryption types, Kerberos Encryption Types

KDC server, KDC Configuration Options

mapping host names onto realms, Mapping Host Names Onto Realms

number of realms, Number of Realms

ports, Ports for the KDC and Admin Services

realm hierarchy, Realm Hierarchy

realm names, Realm Names

realms, Planning Kerberos Realms

slave KDCs, The Number of Slave KDCs

password algorithm, Password Encryption

configuration files

auditing, Audit Service Man Pages

device_maps file, device_maps File

PAM

syntax, PAM Configuration (Reference)

for password algorithms, Password Encryption

policy.conf file

Password Encryption

How to Specify an Algorithm for Password Encryption

Commands That Manage RBAC

Secure Shell, Session Characteristics in Secure Shell

syslog.conf file, Files With Privilege Information

with privilege information, Files With Privilege Information

configured audit policy, permanent audit policy, How to Change Audit Policy

configuring

active audit policy, How to Change Audit Policy

ahlt audit policy, How to Change Audit Policy

audit_class file, How to Add an Audit Class

audit classes, How to Preselect Audit Classes

audit_event file, How to Change an Audit Event's Class Membership

audit logs task map, Configuring Audit Logs (Task Map)

audit policy, How to Change Audit Policy

audit policy temporarily, How to Change Audit Policy

audit queue controls, How to Change Audit Queue Controls

audit service policy, How to Change Audit Policy

audit trail overflow prevention, How to Prevent Audit Trail Overflow

audit_warn script, How to Configure the audit_warn Email Alias

auditing, Configuring the Audit Service (Tasks)

auditing in zones

Auditing on a System With Oracle Solaris Zones

Auditing and Oracle Solaris Zones

auditing task map, Configuring the Audit Service (Task Map)

authorizations, How to Create an Authorization

chroot directory for sftp, How to Create an Isolated Directory for sftp Files

device allocation, Managing Device Allocation (Task Map)

device policy, Configuring Device Policy (Task Map)

DH key for NIS user, How to Set Up a Diffie-Hellman Key for an NIS User

DH key in NIS, How to Set Up a Diffie-Hellman Key for an NIS Host

exceptions to Secure Shell system defaults, How to Create User and Host Exceptions to Secure Shell Defaults

hardware security, Controlling Access to System Hardware (Tasks)

host-based authentication for Secure Shell, How to Set Up Host-Based Authentication for Secure Shell

identical auditing for non-global zones, How to Configure All Zones Identically for Auditing

Kerberos

adding administration principals, How to Configure a KDC to Use an LDAP Data Server

clients, Configuring Kerberos Clients

cross-realm authentication, Configuring Cross-Realm Authentication

master KDC server

How to Automatically Configure a Master KDC

How to Interactively Configure a Master KDC

How to Manually Configure a Master KDC

master KDC server using LDAP, How to Configure a KDC to Use an LDAP Data Server

NFS servers, How to Configure Kerberos NFS Servers

overview, Configuring the Kerberos Service (Tasks)

slave KDC server

How to Automatically Configure a Slave KDC

How to Interactively Configure a Slave KDC

How to Manually Configure a Slave KDC

task map, Configuring the Kerberos Service (Task Map)

password for hardware access, How to Require a Password for SPARC Hardware Access

per-zone auditing, How to Configure Per-Zone Auditing

permanent audit policy, How to Change Audit Policy

perzone audit policy, How to Change Audit Policy

port forwarding in Secure Shell, How to Configure Port Forwarding in Secure Shell

privileged users, How to Change the Security Attributes of a User

RBAC

Customizing RBAC for Your Site (Tasks)

How to Plan Your RBAC Implementation

RBAC task map, Initially Configuring RBAC (Task Map)

rights profiles, How to Create a Rights Profile

roles

How to Create a Role

How to Change the Security Attributes of a Role

root role as user, How to Change the root Role Into a User

Secure Shell

clients, Client Configuration in Secure Shell

servers, Server Configuration in Secure Shell

Secure Shell task map, Configuring Secure Shell (Task Map)

space for audit trail, How to Assign Audit Space for the Audit Trail

temporary audit policy, How to Change Audit Policy

text summaries of audit records, How to Configure syslog Audit Logs

configuring application servers, Configuring Kerberos Network Application Servers

ConnectionAttempts keyword, ssh_config file, Keywords in Secure Shell

ConnectTimeout keyword, ssh_config file, Keywords in Secure Shell

console, displaying su command attempts, How to Restrict and Monitor root Logins

CONSOLE in Secure Shell, Secure Shell and Login Environment Variables

Console User (RBAC), rights profile, Rights Profiles

CONSOLE_USER keyword, policy.conf file, policy.conf File

consumers, definition in Cryptographic Framework, Terminology in the Cryptographic Framework

context-sensitive help, SEAM Tool, Print and Online Help Features of the SEAM Tool

control flags, PAM, How PAM Stacking Works

control manifests (BART), BART (Overview)

controlling, system usage, Controlling Access to Machine Resources

conversation keys

decrypting in secure RPC, Implementation of Diffie-Hellman Authentication

generating in secure RPC, Implementation of Diffie-Hellman Authentication

converting, audit records to readable format, How to View the Contents of Binary Audit Files

Coordinated Universal Time (UTC)

time stamp use in auditing

How to Merge Audit Files From the Audit Trail

Conventions for Binary Audit File Names

copying, files using Secure Shell, How to Copy Files With Secure Shell

copying audit records to single file, How to Select Audit Events From the Audit Trail

cost control, and auditing, Controlling Auditing Costs

crammd5.so.1 plug-in, SASL and, SASL Plug-ins

creating

audit trail, Audit Trail

authorization, How to Create an Authorization

credential table, How to Create a Credential Table

file digests, How to Compute a Digest of a File

key pair, How to Generate a Key Pair by Using the pktool genkeypair Command

new device-clean scripts, Device-Clean Scripts

new policy (Kerberos)

How to Create a New Kerberos Principal

How to Create a New Kerberos Policy

new principal (Kerberos), How to Create a New Kerberos Principal

privileged users, How to Change the Security Attributes of a User

rights profile for a group of users, How to Configure a User's Audit Characteristics

rights profiles, How to Create a Rights Profile

roles, How to Create a Role

root user, How to Change the root Role Into a User

secret keys

for encryption, How to Generate a Symmetric Key by Using the pktool Command

Secure Shell keys, How to Generate a Public/Private Key Pair for Use With Secure Shell

stash file

How to Manually Configure a Slave KDC

How to Configure a Slave KDC to Use Full Propagation

storage for binary audit files, How to Create ZFS File Systems for Audit Files

tickets with kinit, Creating a Kerberos Ticket

cred database, DH authentication, Diffie-Hellman Authentication and Secure RPC

cred table

DH authentication and, Diffie-Hellman Authentication and Secure RPC

information stored by server, Implementation of Diffie-Hellman Authentication

credential

cache, How the Kerberos Authentication System Works

description

Implementation of Diffie-Hellman Authentication

Authentication-Specific Terminology

mapping, Mapping GSS Credentials to UNIX Credentials

obtaining for a server, Obtaining a Credential for a Server

obtaining for a TGS, Obtaining a Credential for the Ticket-Granting Service

or tickets, How the Kerberos Service Works

credential table, adding single entry to, How to Add a Single Entry to the Credential Table

crontab files, authorizations required, Selected Commands That Require Authorizations

cross-realm authentication, configuring, Configuring Cross-Realm Authentication

CRYPT_ALGORITHMS_ALLOW keyword, policy.conf file, Password Encryption

CRYPT_ALGORITHMS_DEPRECATE keyword, policy.conf file, Password Encryption

crypt_bsdbf password algorithm, Password Encryption

crypt_bsdmd5 password algorithm, Password Encryption

crypt command, file security, Protecting Files With Encryption

CRYPT_DEFAULT keyword, policy.conf file, Password Encryption

CRYPT_DEFAULT system variable, How to Specify an Algorithm for Password Encryption

crypt_sha256 password algorithm

Password Encryption

Changing the Default Algorithm for Password Encryption (Tasks)

crypt_sunmd5 password algorithm

Password Encryption

Password Encryption

crypt_unix password algorithm, Password Encryption

Crypto Management (RBAC), creating role, How to Assign a Role

cryptoadm command

description, Scope of the Cryptographic Framework

disabling cryptographic mechanisms

How to Prevent the Use of a User-Level Mechanism

How to Prevent the Use of a Kernel Software Provider

disabling hardware mechanisms, How to Disable Hardware Provider Mechanisms and Features

installing PKCS #11 library, How to Add a Software Provider

listing providers, How to List Available Providers

-m option

How to Prevent the Use of a User-Level Mechanism

How to Prevent the Use of a Kernel Software Provider

-p option

How to Prevent the Use of a User-Level Mechanism

How to Prevent the Use of a Kernel Software Provider

restoring kernel software provider, How to Prevent the Use of a Kernel Software Provider

cryptoadm install command, installing PKCS #11 library, How to Add a Software Provider

Cryptographic Framework

administering with role, How to Assign a Role

connecting providers, Plugins to the Cryptographic Framework

consumers, Introduction to the Cryptographic Framework

cryptoadm command

Scope of the Cryptographic Framework

Administrative Commands in the Cryptographic Framework

definition of terms, Terminology in the Cryptographic Framework

description, Introduction to the Cryptographic Framework

elfsign command, Binary Signatures for Third-Party Software

error messages, How to Encrypt and Decrypt a File

FIPS–140 and, Cryptographic Framework and FIPS-140

hardware plugins, Introduction to the Cryptographic Framework

interacting with, Scope of the Cryptographic Framework

listing providers

How to List Available Providers

How to List Available Providers

PKCS #11 library, Introduction to the Cryptographic Framework

providers

Introduction to the Cryptographic Framework

Terminology in the Cryptographic Framework

refreshing, How to Refresh or Restart All Cryptographic Services

registering providers, Plugins to the Cryptographic Framework

restarting, How to Refresh or Restart All Cryptographic Services

signing providers, Plugins to the Cryptographic Framework

SPARC T4 series optimizations, Cryptographic Framework and the SPARC T-Series Servers in This Release

user-level commands, User-Level Commands in the Cryptographic Framework

zones and

Cryptographic Services and Zones

How to Refresh or Restart All Cryptographic Services

cryptographic mechanisms, optimized for SPARC T4 series, Cryptographic Framework and the SPARC T-Series Servers in This Release

cryptographic services, See Cryptographic Framework

Cryptoki, See PKCS #11 library

csh command, privileged version, Profile Shells and RBAC

customizing, manifests, How to Customize a Manifest

customizing a report (BART), How to Customize a BART Report by Using a Rules File