Skip site navigation (1)Skip section navigation (2) 
Date:      Thu, 13 Feb 2003 13:55:15 -0600
From:      Tillman <tillman@seekingfire.com>
To:        La Temperanza <temperanza@softhome.net>
Cc:        questions@FreeBSD.ORG
Subject:   Re: Help with Kerberos 5 setup
Message-ID:  <20030213135515.S22957@seekingfire.com>
In-Reply-To: <20030213112254.6c59e001.temperanza@softhome.net>; from temperanza@softhome.net on Thu, Feb 13, 2003 at 11:22:54AM -0800
References:  <20030213112254.6c59e001.temperanza@softhome.net>
next in thread | previous in thread | raw e-mail | index | archive | help 
On Thu, Feb 13, 2003 at 11:22:54AM -0800, La Temperanza wrote:
> Hello, I'm a newbie to Kerberos trying to set it up at the suggestion of the
> handbook's "Securing FreeBSD" section. However, the Kerberos section is heavily
> biased towards version 4 and I'm not sure if it's leading me on the right track.
> I've figured out how to edit krb5.conf to set my realms, boot up kadmind and kdc
> in rc.conf, init the database using k5admin and stash my master key. However,
> when adding the two principals the handbook says are needed I get a few warning
> messages which I'm nervous about.

<snip>

> It looks like all I need to do is add myself in as a client somehow, but I'd
> like to be reassured that the handbook's setup instructions for Kerberos 4
> are also the right ones under Kerberos 5. Can anyone do that, or help me through
> the correct setup procedure if it's different?

No, the instructions are similar but different.

If you're using the Heimdal krb5 (part of the base system or via ports),
you'll want to read
http://www.pdc.kth.se/heimdal/heimdal.html#Setting%20up%20a%20realm. If
you're using the MIT krb5 port (what I'm runnign these days, though I
started with Heimdal) you'll want to read
http://web.mit.edu/kerberos/www/krb5-1.2/krb5-1.2.7/doc/install.html#SEC39.

More information on Kerberos that I've collected over time is at
http://www.rospa.ca/projects/kerberos/resources.html.

Good luck,

- Tillman

-- 
Page xxviii: More than any other computer system today, Unix will repay
every moment that you spend learning and experimenting.
        - Harley Hahn, _The Unix Companion_

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030213135515.S22957>