[Techtalk] kerberos

N. Leenders nadine at ualberta.ca
Wed Sep 24 23:15:27 UTC 2008


It's been along time since I've set up kerberos, but this is what I have 
in my notes that might or might not help.

eg's:
addprinc nadine/admin
addprinc -randkey host/hydra.nic.ualberta.ca
ktadd -k /etc/krb5.keytab host/hydra.nic.ualberta.ca   (puts the keytab 
file on whatever machine kadmin is being run on)

Principal - a unique name for each user or service
<servicename>/<hostname>@<realm>
or <user>@<realm>
or <user>/<intendeduse>@<realm>


Kerberos 5 Clients:

    - Need a valid krb5.conf file, time synchronization, and client
   applications

   On kdc, in kadmin, do "addprinc -randkey host/blah.example.com" to add a
   host principal and assign it a random key.
   On client machine, in kadmin, do "ktadd -k /etc/krb5.keytab
   host/blah.example.com" to extract the keys.


  - Nadine


Nadine Leenders
HPC System Administrator, Research Support
Academic Information and Communication Technologies
University of Alberta


On Wed, 24 Sep 2008, Wolf Rising wrote:

> Would anyone happen to know how to create a kerberos principal for
> an external account using kadmin? I'm not sure of what syntax to
> use after addprincs, is it simply the email address the individual wishes to
> use
> and then assign a  password?
> _______________________________________________
> Techtalk mailing list
> Techtalk at linuxchix.org
> http://mailman.linuxchix.org/mailman/listinfo/techtalk
>
>


More information about the Techtalk mailing list