Subtitles of the Movie

Authentication Options. First a word on VNC, that's Virtual Network Computing. It's another way to gain remote access to a system. One of the advantages of VNC is how it works across different operating systems. With the proper settings you can even take control of a Microsoft Windows system. More details are available in the video on Remote Microsoft Client Access. Of course, VNC can work to take control of a Linux GUI on a client as well. I discuss it in this video as it also requires some form of network authentication even if that authentication has been disabled. Another authentication option is PAM, that's short for Pluggable Authentication Modules. On your system, look at the files in the etc/pam.d directory. The names, if you're familiar with Linux, should seem somewhat familiar. They have the same names or many of those files have the same names as many administrative commands from directories like user /sbin. And as such, they regulate access to such commands. Next, there are the Network Authentication Options. NIS, that's the Network Information Services and LDAP, that's the Lightweight Directory Access Protocol. Both of these network authentication options have unified databases of usernames and passwords for Linux systems on a network. NIS systems have a number of configuration files starting on the client in etc/yp.conf and nsswitch.conf and on the server in etc/ypserve.conf along with separate database files cited in that file. LDAP services are in one way a little bit simpler as it's configured in etc/ldap.conf but include database information that can be a lot more complex. In most cases, both NIS and LDAP databases can be cited by PAM modules for username information. A couple more options. First, RADIUS - that's short for the Remote Authentication Dial-In User Service. It can authenticate users, in other words it checks their usernames and passwords, for those who connect via PAP or CHAP - that's the Password Authentication Protocol and the Challenge Handshake Authentication Protocol. PAP and CHAP are associated with users who connect to a system via telephone modem. RADIUS servers can refer to LDAP databases for their username and password authentications. Finally, there's the concept of Two-Factor Authentication, which is almost like it sounds. Normally one level of authentication utilizes a username and password. The second level is another check or factor which can be a Fingerprint reader, a Key ring, a Digital certificate, a Passphrase or more. Well, those are the Authentication Options associated with the Linux+ Objectives. Thank you and on to the next video.