16.10 - MutualAuthentication - Teradata Database

Teradata Database Security Administration

prodname
Teradata Database
vrm_release
16.10
created_date
June 2017
category
Administration
Security
featnum
B035-1100-161K

The MutualAuthentication property tells the client whether to request that the server authenticate itself to the client. You can use mutual authentication to avoid man-in-the-middle attacks, which could allow the attacker to divert a network transmission to an unauthenticated third party.

Valid Settings

Setting Description
yes (default) The mechanism supports mutual authentication.
no The mechanism does not support mutual authentication.

Supporting Mechanisms for MutualAuthentication

Mechanisms that are not listed in the table do not support this property. The Property Editable column indicates if the setting for a property may be edited.
Mechanism Property Editable?
KRB5 May Be Edited
SPNEGO
TDNEGO Do Not Edit

Editing Guidelines

  • Edit this property on Teradata clients.
  • If Teradata Database runs on Linux, you must set MutualAuthentication to yes for KRB5 or SPNEGO.
  • If you want user logons through Unity to behave the same as user logons direct to the database, then the property setting for KRB5 and LDAP should be the same on Unity and on all connected database systems.
  • If you edit the preset value of this property on a mechanism that does not currently support it, TDGSS ignores the edit.
  • Do not modify the TDNEGO setting for this property.