Encryption Parameters—Enable Kerberos Encryption
To specify encryption, the following options are available in Configuration-By-Forms under the Net Server (also known as Communications Server) component:
ib_encrypt_mech
Determine the encryption mechanism for inbound connections. Valid values are
kerberos
Specifies that Kerberos be used.
*
Specifies that Kerberos will be used if included as an item on the mechanism list.
ob_encrypt_mech
Determine the encryption mechanism for outbound connections. Valid values are the same as for ib_encrypt_mech.
ib_encrypt_mode
Determines the encryption mode for the inbound data stream. Valid values are as follows:
Off
Specifies that encryption be neither requested nor allowed.
Optional
Specifies that encryption may occur but is not requested.
On
Specifies that encryption is requested, if possible (if both ends support it).
Required
Specifies that encryption must always occur.
ob_encrypt_mode
Determines the encryption mode for the outbound data stream. Valid values are the same as for ib_encrypt_mode.
Outbound connection items may be configured as connection attributes in netutil.
The following example specifies Kerberos encryption for all inbound connections: