[Techtalk] kerberos

N. Leenders nadine at ualberta.ca
Wed Sep 24 23:15:27 UTC 2008

It's been along time since I've set up kerberos, but this is what I have 
in my notes that might or might not help.

addprinc nadine/admin
addprinc -randkey host/hydra.nic.ualberta.ca
ktadd -k /etc/krb5.keytab host/hydra.nic.ualberta.ca   (puts the keytab 
file on whatever machine kadmin is being run on)

Principal - a unique name for each user or service
or <user>@<realm>
or <user>/<intendeduse>@<realm>

Kerberos 5 Clients:

    - Need a valid krb5.conf file, time synchronization, and client

   On kdc, in kadmin, do "addprinc -randkey host/blah.example.com" to add a
   host principal and assign it a random key.
   On client machine, in kadmin, do "ktadd -k /etc/krb5.keytab
   host/blah.example.com" to extract the keys.

  - Nadine

Nadine Leenders
HPC System Administrator, Research Support
Academic Information and Communication Technologies
University of Alberta

On Wed, 24 Sep 2008, Wolf Rising wrote:

> Would anyone happen to know how to create a kerberos principal for
> an external account using kadmin? I'm not sure of what syntax to
> use after addprincs, is it simply the email address the individual wishes to
> use
> and then assign a  password?
> _______________________________________________
> Techtalk mailing list
> Techtalk at linuxchix.org
> http://mailman.linuxchix.org/mailman/listinfo/techtalk

More information about the Techtalk mailing list