此内容没有您所选择的语言版本。

26.2. Authentication


The Authentication tab allows for the configuration of network authentication methods. To enable an option, click the empty checkbox beside it. To disable an option, click the checkbox beside it to clear the checkbox.
Authentication

Figure 26.2. Authentication

The following explains what each option configures:
  • Enable Kerberos Support — Select this option to enable Kerberos authentication. Click the Configure Kerberos button to configure:
    • Realm — Configure the realm for the Kerberos server. The realm is the network that uses Kerberos, composed of one or more KDCs and a potentially large number of clients.
    • KDC — Define the Key Distribution Center (KDC), which is the server that issues Kerberos tickets.
    • Admin Servers — Specify the administration server(s) running kadmind.
    The krb5-libs and krb5-workstation packages must be installed for this option to work. Refer to the Reference Guide for more information on Kerberos.
  • Enable LDAP Support — Select this option to have standard PAM-enabled applications use LDAP for authentication. Click the Configure LDAP button to specify the following:
    • Use TLS to encrypt connections — Use Transport Layer Security to encrypt passwords sent to the LDAP server.
    • LDAP Search Base DN — Retrieve user information by its Distinguished Name (DN).
    • LDAP Server — Specify the IP address of the LDAP server.
    The openldap-clients package must be installed for this option to work. Refer to the Reference Guide for more information about LDAP.
  • Use Shadow Passwords — Select this option to store passwords in shadow password format in the /etc/shadow file instead of /etc/passwd. Shadow passwords are enabled by default during installation and are highly recommended to increase the security of the system.
    The shadow-utils package must be installed for this option to work. For more information about shadow passwords, refer to the Users and Groups chapter in the Reference Guide.
  • Enable SMB Support — This option configures PAM to use an SMB server to authenticate users. Click the Configure SMB button to specify:
    • Workgroup — Specify the SMB workgroup to use.
    • Domain Controllers — Specify the SMB domain controllers to use.
  • Winbind — Select this option to configure the system to connect to a Windows Active Directory or a Windows domain controller. User information can be accessed, as well as server authentication options can be configured.
  • Use MD5 Passwords — Select this option to enable MD5 passwords, which allows passwords to be up to 256 characters instead of eight characters or less. It is selected by default during installation and is highly recommended for increased security.
Red Hat logoGithubRedditYoutubeTwitter

学习

尝试、购买和销售

社区

关于红帽文档

通过我们的产品和服务,以及可以信赖的内容,帮助红帽用户创新并实现他们的目标。

让开源更具包容性

红帽致力于替换我们的代码、文档和 Web 属性中存在问题的语言。欲了解更多详情,请参阅红帽博客.

關於紅帽

我们提供强化的解决方案,使企业能够更轻松地跨平台和环境(从核心数据中心到网络边缘)工作。

© 2024 Red Hat, Inc.