Tag Archives: security

Start of change of default domain on Linux systems

The department is moving from the ‘AD’ domain to the ‘DC’ domain. Linux systems use the DNS to decide which the default should be if none is given. We shall be moving certyain test hosts over to DC in the … Continue reading

Posted in Local IT systems | Tagged , , , | Comments Off

Password requirements change

Passwords created or changed from now onwards will need to be of higher complexity than was permitted previously.  Details of the requirements can be found at http://www.cl.cam.ac.uk/local/sys/access/kerberos/.  Existing passwords will continue to work as normal – you only need to be aware … Continue reading

Posted in Local IT systems | Tagged | Comments Off

New package signing key

A new key (3294FB03) has been generated to sign all Lab packages (RPMs and .debs). This has been installed on most Lab managed machines. Private machines which use the Lab repositories will need to register the new key.

Posted in Local IT systems | Tagged , | Leave a comment

slogin-serv move to NFS sec=krb5

Any users of the “slogin-serv” service should be aware that changes are to be made which may require them to run “kinit” to access their home directory.

Posted in Local IT systems | Tagged , , , , , | Leave a comment

New package signing key

A new key has been generated to sign all Lab packages (RPMs and .debs). This has been installed on most Lab managed machines. Private machines which use the Lab repositories will need to register the new key.

Posted in Local IT systems | Tagged , | Leave a comment

dns[01].cl auth NS to refuse “other” requests

The authorative nameservers for cl.cam.ac.uk are moving to return REFUSED for requests for other domains

Posted in Local IT systems | Tagged , | Leave a comment

new page on sec=krb5

The new page nfs-sec-krb5 has some initial simple (!) examples of using NFS sec=krb5 – feedback welcome.

Posted in Local IT systems | Tagged , , | Leave a comment

Tool to test ssh authorized_keys files

Users can check that their ~/.ssh/authorized_keys files is “acceptable” with /usr/groups/admin/cmds/check-ssh-auth.pl.

Posted in Local IT systems | Tagged , | Leave a comment