Satyr Manual

1. Using the Zorp Authentication Agent (Satyr)

When the user launches an application that requires authentication (e.g.: a web browser, e-mail client, etc.) the Zorp firewall automatically displays the authentication client on the users screen.

  1. The Zorp Authentication Agent

    Figure 1. The Zorp Authentication Agent

    The displayed window shows the name of the service requiring authentication (intra_http in the above example), and - provided that the administrator enabled it - further details of the connection (e.g.: destination IP address). By selecting the Save session if done) checkbox (see Section 1.1, “Program settings (Windows)”) the authentication client stores the username and the password. That way the fields will be automatically filled for later authentications.

  2. Enter your username and click Next.

  3. Selecting authentication method

    Figure 2. Selecting authentication method

    Select the authentication method to use from the Select authentication method combobox. The list displays only the methods enabled for the particular user.

    • If you have a username and a password, select Password authentication.

    • If you use Kerberos authentication, select GSSAPI authentication.

      [Note] Note

      When using Kerberos authentication the authentication client is not displayed if the automatic authentication feature is enabled. See Section 1.1, “Program settings (Windows)” for details.

    • To authenticate with an X.509 certificate, select X.509 certificate.

  4. Entering the password

    Figure 3. Entering the password

    As a last step, you have to provide the information required for the selected authentication method. For password authentication enter your password.

Clicking Abort at any step stops the authentication.

After successful authentication (e.g.: if the password entered was correct) the window of the authentication client is closed and the connection to the target server is established. An error message is displayed if the authentication fails.

1.1. Program settings (Windows)

The authentication agent starts automatically after Windows boots, as indicated by its icon on the system tray. Right clicking on the icon displays a popup menu containing the following items:

  • Clicking the Preferences menu item displays the following dialog window:

    Preferences

    Figure 4. Preferences

    1. Automatic Kerberos authentication: This option has only any effect if Kerberos authentication is used. If this option is enabled, the authentication client will not appear, and the username provided during Windows login will be used.

    2. Forget password: The authentication client can store the provided password for the provided period (in minutes). That way an unauthorized person cannot initiate network connections from unattended machines.

    3. Forget password now: Immediately remove the stored password.

  • The About menu item displays information about the Zorp Authentication Agent, including its version number.

  • Clicking Exit quits the authentication agent that can be restarted from the Start menu (Start menu / Satyr Client / Satyr Client).

© 2006 BalaBit IT Security
Please send your comments or documentation bugs to: documentation@balabit.com

Prev     Next
Satyr Manual  Home | ToC  2. Authentication and Zorp