6.1 Security Features

The following table contains a summary of the Novell® Client™ for Linux security features:

Table 6-1 Novell Client for Linux Security Features




Users are authenticated


GUI and command line login utilities support authentication of NCP™ and LDAP connections via user authentication into eDirectory™. NCP protocol authentication is supported via RSA and LDAP authentication is supported via SSL and Simple Bind protocol.

Servers, devices, and/or services are authenticated


Connections to servers are authenticated via user-supplied credentials. No device authentication is supported directly by the Client.

Access to information is controlled


The product’s Virtual File System (VFS) component (located in Linux Kernel space) is the gatekeeper for enforcement of access controls to Novell file systems.

Roles are used to control access


No explicit use of roles is included in this product. eDirectory alias objects can be created, but this is not considered true role-based access and is not specifically supported or administered through this product.

Logging and/or security auditing is done


Security logging and auditing features are not supplied by nor supported by this product.

Data on the wire is encrypted by default


No wire encryption is supplied by this product.

Data stored is encrypted


This product does not provide long-term storage of data.

Passwords, keys, and any other authentication materials are stored encrypted


Passwords and other authentication materials in temporary storage are encrypted to prevent in-memory scanners.

Security is on by default


There are no configuration options to enable or disable with the exception of packet signing. Packet signing is enabled by default.

FIPS 140-2 compliant


This product currently uses the ATB (authentication toolbox) instead of Novell’s NICI product. Therefore, this product is not FIPS 140-2 compliant because ATB itself is not FIPS-compliant.