16.10 - MutualAuthentication - Teradata Database

Teradata Database Security Administration

Product
Teradata Database
Release Number
16.10
Release Date
June 2017
Content Type
Administration
Security
Publication ID
B035-1100-161K
Language
English (United States)

The MutualAuthentication property tells the client whether to request that the server authenticate itself to the client. You can use mutual authentication to avoid man-in-the-middle attacks, which could allow the attacker to divert a network transmission to an unauthenticated third party.

Valid Settings

Setting Description
yes (default) The mechanism supports mutual authentication.
no The mechanism does not support mutual authentication.

Supporting Mechanisms for MutualAuthentication

Mechanisms that are not listed in the table do not support this property. The Property Editable column indicates if the setting for a property may be edited.
Mechanism Property Editable?
KRB5 May Be Edited
SPNEGO
TDNEGO Do Not Edit

Editing Guidelines

  • Edit this property on Teradata clients.
  • If Teradata Database runs on Linux, you must set MutualAuthentication to yes for KRB5 or SPNEGO.
  • If you want user logons through Unity to behave the same as user logons direct to the database, then the property setting for KRB5 and LDAP should be the same on Unity and on all connected database systems.
  • If you edit the preset value of this property on a mechanism that does not currently support it, TDGSS ignores the edit.
  • Do not modify the TDNEGO setting for this property.