Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 13 Feb 2003 11:22:54 -0800
From:      La Temperanza <temperanza@softhome.net>
To:        questions@freebsd.org
Subject:   Help with Kerberos 5 setup
Message-ID:  <20030213112254.6c59e001.temperanza@softhome.net>

next in thread | raw e-mail | index | archive | help
Hello, I'm a newbie to Kerberos trying to set it up at the suggestion of the
handbook's "Securing FreeBSD" section. However, the Kerberos section is heavily
biased towards version 4 and I'm not sure if it's leading me on the right track.
I've figured out how to edit krb5.conf to set my realms, boot up kadmind and kdc
in rc.conf, init the database using k5admin and stash my master key. However,
when adding the two principals the handbook says are needed I get a few warning
messages which I'm nervous about.

kadmin> add --random-password passwd
root/admin@SAKURA's Password: 
Max ticket life [unlimited]:
Max renewable life [unlimited]:
Principal expiration time [never]:
Password expiration time [never]:
Attributes []:
root/admin@SAKURA's Password: 
k5admin: kadm5_create_principal: Client (root/admin@SAKURA) unknown
added passwd@SAKURA with password `not4u2c'
k5admin: adding passwd: Client not found in Kerberos database

It looks like all I need to do is add myself in as a client somehow, but I'd
like to be reassured that the handbook's setup instructions for Kerberos 4
are also the right ones under Kerberos 5. Can anyone do that, or help me through
the correct setup procedure if it's different?

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030213112254.6c59e001.temperanza>