
Authentication Configuration

   You  can  skip  this  section  if  you will not be
   setting  up  network passwords. If you are unsure,
   ask your system administrator for assistance.

   Unless  you  are  setting  up an NIS password, you
   will notice that both MD5 and shadow are selected.
   Using  both  will  make  your  system as secure as
   possible.

     * Use Shadow Passwords -- provides a very secure
       method  of  retaining  passwords  for you. The
       password  filed  in  the  /etc/passwd  file is
       replaced by /etc/shadow which is readable only
       by root.
     * Enable MD5 Passwords -- allows a long password
       to  be  used (up to 256 characters) instead of
       the standard eight letters or less.
     * Enable  NIS  --  allows  you to run a group of
       computers  in  the  same  Network  Information
       Service  domain  with  a  common  password and
       group  file.  There  are  two  options here to
       choose from:
       Note: To configure the NIS option, you must be
       connected to an NIS network. If you are unsure
       whether  you  are connected to an NIS network,
       please ask your system administrator.
          + NIS  Domain  -- this option allows you to
            specify   which   domain   or   group  of
            computers your system will belong to.
          + NIS  Server  --  this  option causes your
            computer  to  use  a specific NIS server,
            rather  than  "broadcasting" a message to
            the  local  area  network  asking for any
            available server to host your system.
     * Enable LDAP -- LDAP consolidates certain types
       of  information  within your organization. For
       example,  all  of the different lists of users
       within  your  organization  can be merged into
       one LDAP directory. For more information about
       LDAP,  refer  to  the  CentOS Reference Guide.
       There are three options to choose from here:
          + LDAP  Server -- this option allows you to
            access   a   server   running   the  LDAP
            protocol.
          + LDAP Base DN -- this option allows you to
            look   up   user   information   by   its
            Distinguished Name (DN).
          + Use   TLS   (Transport   Layer  Security)
            lookups  --  this  option  allows LDAP to
            send  encrypted  user names and passwords
            to an LDAP server before authentication.
     * Enable Kerberos -- Kerberos is a secure system
       for providing network authentication services.
       For  more information about Kerberos, refer to
       the  CentOS  Reference  Guide. There are three
       options to choose from here:
          + Realm -- this option allows you to access
            a network that uses Kerberos, composed of
            one or a few servers (also known as KDCs)
            and  a (potentially very large) number of
            clients.
          + KDC  --  this option allows you access to
            the  Key  Distribution  Center  (KDC),  a
            machine   that  issues  Kerberos  tickets
            (sometimes   called   a  Ticket  Granting
            Server or TGS).
          + Admin Server -- this option allows you to
            access a server running kadmind.
