Server-side administration
To set up cr1 to protect the service on the server side,
you must do the following:
-
Set up the port monitor's
_pmtab file:
-
Create an entry for the service and specify
``cr1 servicetag''
in the ``scheme'' field.
-
Create an entry for reportscheme.
Leave the ``scheme'' field empty
to mean the NULL scheme.
-
Set up ID mapping to include a database entry that
maps the name of the user on the client
to a local name.
The command lines are as follows:
NOTE:
For information about
administration of the ID mapping databases, see
``Administering ID mapping''.
-
Add the shared key to the server's key database.
The following tasks are
specifically part of cr1 administration:
-
setting up the key database initially
and managing shared keys
-
creating and managing the master key
-
stopping and starting the key management daemon
-
optionally, adding cr1 to the connection server's
/etc/iaf/serve.allow
file on the client
The _pmtab file is edited using
pmadm(1M).
Instructions for administering facilities with which cr1 interfaces, such as
the connection server and ID mapping,
can be found in
``Administering the connection server''
and
``Administering ID mapping'',
respectively.
© 2004 The SCO Group, Inc. All rights reserved.
UnixWare 7 Release 7.1.4 - 22 April 2004