JavaScript is required to for searching.
Skip Navigation Links
Exit Print View
Trusted Extensions User's Guide     Oracle Solaris 11.1 Information Library
Oracle Technology Network
Library
PDF
Print View
Feedback
search filter icon
search icon

Document Information

Preface

1.  Introduction to Trusted Extensions

2.  Logging In to Trusted Extensions (Tasks)

Desktop Login in Trusted Extensions

Trusted Extensions Login Process

Identification and Authentication During Login

Review Security Attributes During Login

Logging In to Trusted Extensions

Identify and Authenticate Yourself to the System

Check Messages and Select Session Type

Troubleshoot Login Problems

Logging In Remotely to Trusted Extensions

How to Log In to a Remote Trusted Extensions Desktop

3.  Working in Trusted Extensions (Tasks)

4.  Elements of Trusted Extensions (Reference)

Glossary

Index

Logging In to Trusted Extensions

The following tasks step you through logging in to Trusted Extensions. You review and specify security information before reaching the desktop.

Identify and Authenticate Yourself to the System

  1. In the Username field of the login screen, type your username.

    Be sure to type your username exactly as your administrator assigned it to you. Pay attention to spelling and capitalization.

    If you make an error, type a fake password. The Username field appears.

  2. Confirm your entry.

    Press the Return key to confirm your username.

    Caution

    Caution - You should never see the trusted stripe when the login screen appears. If you see the trusted stripe while attempting to log in or unlock the screen, do not type your password. There is a possibility that you are being spoofed. A spoof is when an intruder's program is masquerading as a login program to capture passwords. Contact your security administrator immediately.

  3. Type your password in the password entry field, and press Return.

    For security purposes, the characters do not display in the field. The system compares the login name and password against a list of authorized users.

Troubleshooting

If the password that you provided is incorrect, the screen displays a message:

Authentication failed

Click OK to dismiss the error dialog box. Retype your user name, then the correct password.

Check Messages and Select Session Type

If you do not restrict yourself to a single label, you can view data at different labels. The range in which you can operate is bounded at the upper end by the session clearance and at the lower end by the minimum label that your administrator assigned to you.

  1. Examine the MOTD dialog box.
    image:Window shows date and time of the user's last login, Message Of The Day, and session attributes. Shows a single-level session button.
    1. Check that the time of your last session is accurate.

      Always check that nothing is suspicious about the last login, such as an unusual time of day. If you have reason to believe that the time is not accurate, contact your security administrator.

    2. Check for any messages from the administrator.

      The Message Of The Day field can contain warnings about scheduled maintenance or security problems. Always review the information in this field.

    3. Examine the security attributes of your session.

      The MOTD dialog box indicates any roles that you can assume, your minimum label, and other security characteristics.

    4. (Optional) If you are permitted to log in to a multilevel session, decide if you want a single-level session.

      Click the Restrict Session to a Single Label button to log in to a single-level session.

    5. Click OK.
  2. Confirm your label choice.

    You are presented with a label builder. If you are logging in at a single label, the label builder describes your session label. In a multilevel system, the label builder enables you to choose your session clearance. To view a sample label builder for a multilevel session, see Figure 3-4.

    • Accept the default, unless you have a reason not to.
    • For a multilevel session, select a clearance.

      To change the clearance, click the Trusted Path clearance, then click a clearance that you want.

    • For a single-level session, select a label.

      To change the label, click the Trusted Path label, then click the label that you want.

  3. Click OK.

    The trusted desktop appears.

Troubleshoot Login Problems

  1. If your username or password is not recognized, check with the administrator.
  2. If your label range is not permitted on your workstation, check with the administrator.

    Workstations can be restricted to a limited range of session clearances and labels. For example, a workstation in a lobby might be limited to PUBLIC labels only. If the label or session clearance that you specify is not accepted, check with an administrator to determine if the workstation is restricted.

  3. If you have customized your shell initialization files and cannot log in, you have the following two options.
    • Contact your system administrator to correct the situation.
    • If you can become root, log in to a failsafe session.

      In a standard login, the shell initialization files are sourced at startup to provide a customized environment. In a failsafe login, the default values are applied to your system and no shell initialization files are sourced.

      In Trusted Extensions, a failsafe login is protected. Only the root account can access a failsafe login.

      1. Type your username in the login screen.
      2. At the bottom of the screen, choose Solaris Trusted Extensions Failsafe Session from the desktop menu.
      3. When prompted, provide your password.
      4. When prompted for an additional password, provide the password for root.
Copyright © 1997, 2012, Oracle and/or its affiliates. All rights reserved. Legal Notices
Previous Next