[36583] in Kerberos
Does /etc/krb5.conf have to be present and identical on all Kerberos
daemon@ATHENA.MIT.EDU (Rufe Glick)
Wed Oct 29 14:40:06 2014
Date: Wed, 29 Oct 2014 14:39:52 -0400
From: Rufe Glick <rufe.glick@gmail.com>
Message-ID: <1509874084.20141029143952@gmail.com>
To: kerberos@mit.edu
MIME-Version: 1.0
Content-Type: text/plain; charset="windows-1251"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit
Hello,
I'm trying to understand the inner workings of Kerberos here. The following question has arisen: Does /etc/krb5.conf have to be present and indentical on all Kerberos infrastructure participants?
Here is what I deduced based on reading Linux man pages and other source on the Internet. Please confirm, refute or correct:
All Kerberos infrastructure participants (client machines, application servers and KDC) must have this file present. Some of its settings are selectively used by all 3 types of aforementioned Kerberos infrastructure participants. Thus the file doesn’t have to be identical on all Kerberos involved machines, but for the sake of easier administration it usually is.
P.S. The OS in question is Linux Cent OS 7 and the version of Kerberos is MIT Kerberos 5 (krb5-server package version: 1.11.3).
--
Best Regards,
Rufe
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
