Chapter 2 HPSS Planning88 September 2002 HPSS Installation GuideRelease 4.5, Revision 22.8.4.3 FTP/PFTPBy default, FTP and Parallel FTP (PFTP) interfaces use a username/password mechanism toauthenticate and authorize end users. The end user identity credentials are obtained from theprincipal and account records in the DCE security registry. However, FTP and PFTP users do notrequire maintenance of a login password in the DCE registry. The FTP/PFTP interfaces allow sitesto use site-supplied algorithms for end user authentication. This mechanism is enabled by runningan appropriate authentication manager such as auth_dcegss.Alternatively, authentication may be performed using the DCE Registry or using password-lessmechanisms such as MIT Kerberos.2.8.4.4 DFSDFS uses DCE authentication and authorization.2.8.4.5 NFSThough the HPSS NFS client interface does not directly support an end user login authorizationmechanism, standard NFS export security features are supported to allow specification of read-only, read-mostly, read-write, and root access to HPSS subtrees for identified client hosts. HPSSNFS does not support Sun MicroSystems’ Network Information Services to validate client hosts.HPSS NFS does provide an option to validate the network address of hosts attempting to mountHPSS directories. The default configuration disables this check. To enable client address validation,export the variable HPSS_MOUNTD_IPCHECK in the HPSS environments file (hpss_env). Anoption to specify mediation of user access to HPSS files by a credentials mapping is also provided.Export entry options are described further in Section 7.4: NFS Daemon Configuration (page 431).If the user mapping option is specified, user access requires an entry in the NFS credentials mapcache and user credentials are obtained from that cache. Entries in the credentials map cache,maintained by the NFS Daemon, are generated based on site policy. For instance, entries may beestablished by allowing users to run a site-defined map administration utility, or they may be setup at NFS startup time by reading a file. They can also be added by running a privileged mapadministration utility such as the nfsmap utility.2.8.4.6 BitfileEnforcement of access to HPSS bitfile data is accomplished through a ticketing mechanism. AnHPSS security ticket, which contains subject, object, and permission information, is generated bythe HPSS Name Server. Ticket integrity is certified through a checksum that is encrypted with a keyshared by the Name Server and Bitfile Server. When access to file data is requested, the ticket ispresented to the HPSS Bitfile Server, which checks the ticket for authenticity and appropriate userpermissions. The Name Server/Bitfile Server shared key is generated at Name Server startup, andis sent to the Bitfile Server using an encrypted DCE remote procedure call to set up a shared securitycontext. If the DCE cell in which HPSS resides does not support packet integrity, it is recommendedthat the Name Server and Bitfile Server components run on the same platform.
