
Authentication Configuration

You can skip this section if you will not be setting up
network passwords. If you are unsure, ask your system
administrator for assistance.

Unless you are setting up an NIS password, you will
notice that both MD5 and shadow are selected. Using both
will make your system as secure as possible.

     * Use Shadow Passwords -- provides a very secure
       method of retaining passwords for you. The
       password filed in the /etc/passwd file is
       replaced by /etc/shadow which is readable only
       by root.
     * Enable MD5 Passwords -- allows a long password
       to be used (up to 256 characters) instead of
       the standard eight letters or less.
     * Enable NIS -- allows you to run a group of
       computers in the same Network Information
       Service domain with a common password and
       group file. There are two options here to
       choose from:
       Note: To configure the NIS option, you must be
       connected to an NIS network. If you are unsure
       whether you are connected to an NIS network,
       please ask your system administrator.
          + NIS Domain -- this option allows you to
            specify which domain or group of
            computers your system will belong to.
          + NIS Server -- this option causes your
            computer to use a specific NIS server,
            rather than "broadcasting" a message to
            the local area network asking for any
            available server to host your system.
     * Enable LDAP -- LDAP consolidates certain types
       of information within your organization. For
       example, all of the different lists of users
       within your organization can be merged into
       one LDAP directory. For more information about
       LDAP, refer to the Red Hat Linux Reference
       Guide. There are three options to choose from
       here:
          + LDAP Server -- this option allows you to
            access a server running the LDAP
            protocol.
          + LDAP Base DN -- this option allows you to
            look up user information by its
            Distinguished Name (DN).
          + Use TLS (Transport Layer Security)
            lookups -- this option allows LDAP to
            send encrypted user names and passwords
            to an LDAP server before authentication.
     * Enable Kerberos -- Kerberos is a secure system
       for providing network authentication services.
       For more information about Kerberos, refer to
       the Red Hat Linux Reference Guide. There are
       three options to choose from here:
          + Realm -- this option allows you to access
            a network that uses Kerberos, composed of
            one or a few servers (also known as KDCs)
            and a (potentially very large) number of
            clients.
          + KDC -- this option allows you access to
            the Key Distribution Center (KDC), a
            machine that issues Kerberos tickets
            (sometimes called a Ticket Granting
            Server or TGS).
          + Admin Server -- this option allows you to
            access a server running kadmind.
