This manual describes Tru64 UNIX security concepts and administration
including identification, authentication, and authorization methods, securing
resources, and auditing.
Audience
This manual is intended for anyone who is responsible for configuring
and administering security on a system running the Tru64 UNIX operating
system software.
New and Changed Features
This guide has been reorganized and includes information about identification, authentication, and authorization methods that are available in this release.
The information that was previously in the User's section of this guide is now located in the Command and Shell User's Guide.
The information that was previously in the Programmer's section of this
guide is now located in
Security Programming.
Organization
The manual is organized as follows:
| Chapter 1 | Describes local and remote identification, authentication, and authorization methods that Tru64 UNIX can use to authenticate users. |
| Chapter 2 | Describes how to configure Tru64 UNIX to manage access to system resources. |
| Chapter 3 | Describes how to audit Tru64 UNIX to view system activity. |
| Appendix A | Describes how to install and configure Enhanced Security on Tru64 UNIX. |
| Appendix B | Describes how to configure the Secure Shell software on Tru64 UNIX. |
| Appendix C | Describes how to configure the Single Sign On (Kerberos) software on Tru64 UNIX. |
| Appendix D | Describes how to configure Tru64 UNIX as a client using the Lightweight Directory Access Protocol (LDAP). |
| Appendix E | Describes how to configureTru64 UNIX to meet or exceed a C2 level of security. |
The following documents provide important information that supplements the information in certain chapters:
The System Administration manual describes how to perform common Tru64 UNIX administrative tasks.
The Command and Shell User's Guide describes how users access and interact with a system running the Tru64 UNIX operating system software.
The Network Administration: Connections manual describes how to set up, configure, and troubleshoot your network.
The Release Notes might contain important undocumented information about security.
HP welcomes any comments and suggestions you have on this and other Tru64 UNIX manuals.
You can send your comments in the following ways:
Fax: 603-884-0120 Attn: UBPG Publications, ZKO3-3/Y32
Internet electronic mail:
readers_comment@zk3.dec.com
A Reader's Comment form is located on your system in the following location:
/usr/doc/readers_comment.txt
Please include the following information along with your comments:
The full title of the manual and the order number. (The order number appears on the title page of printed and PDF versions of a manual.)
The section numbers and page numbers of the information on which you are commenting.
The version of Tru64 UNIX that you are using.
If known, the type of processor that is running the Tru64 UNIX software.
The Tru64 UNIX Publications group cannot respond to system problems or
technical support inquiries.
Please address technical questions to your
local system vendor or to the appropriate HP technical support office.
Information provided with the software media explains how to send problem
reports to HP.
Conventions
This manual uses the following typographical conventions:
| \ | A backslash at the end of a line in an example indicates continuation. |
| # | A number sign represents the system prompt when you are logged in to a Tru64 UNIX system using the root user account. |
net stop |
Bold courier type indicates user input. |
| >>> | The console subsystem prompt is three right angle brackets. |
| file | Italic (slanted) type indicates variable values, placeholders, and function argument names. |
[ | ] { | } |
In syntax definitions, brackets indicate items that are optional and braces indicate items that are required. Vertical bars separating items inside brackets or braces indicate that you choose one item from among those listed. |
| . . . | In syntax definitions, a horizontal ellipsis indicates that the preceding item can be repeated one or more times. |
| cat(1) | A cross-reference to a reference page includes the appropriate section number in parentheses. For example, cat(1) indicates that you can find information on the cat command in Section 1 of the reference pages. |
| [Ctrl/x] | This symbol indicates that you hold down the first named key while pressing the key or mouse button that follows the slash. In examples, this key combination is enclosed in a box (for example, [Ctrl/C] ). |