[3333] in Kerberos
Re: Novice kerberos questions - ignore the other one
daemon@ATHENA.MIT.EDU (Phi H Truong)
Fri May 27 19:25:31 1994
To: kerberos@MIT.EDU
Date: 27 May 1994 13:37:12 GMT
From: orion@iastate.edu (Phi H Truong)
Reply-To: orion@iastate.edu (Phi H Truong)
In article <mzeier.769993540@interaccess.com>,
Matthew R. Zeier <mzeier@interaccess.com> wrote:
>
>
>Made /etc/krb.conf:
> INTERACCESS.COM
> INTERACCESS.COM kerberos.INTERACCESS.COM admin server
>
>Made /etc/krb.realm
> .interaccess.com INTERACCESS.COM
>
>Ran kdb_init: entered realm name of INTERACCESS.COM and master passwd.
>Ran kstash
>Ran kdb_edit: entered my username as principal, null instance, and accepted
> the defaults
>Started the kerberos server (kerberos &)
>Ran ext_srvtab squidboy (that machines name) and renamed it to /etc/srvtab
The srvtab on kerberos server should contain these principals:
rcmd.<hostname>
rcmd.kerberos
changepw.kerberos
The srvtab on the client:
rcmd.<hostname>
You can use ksrvtgt to test whether your srvtab is valid.
>
>I can successsfully get a ticket using the kinit, and can list my ticket as
>well. I found out the hard way that for every application (rlogin, passwd)
>there needs to be a principle for it. When I do a passwd, I get prompted
>for my Old Password and then I get the error message that it can't decode
>authenticator.
Do you have kadmind running on kerberos server as well? We replaced our
passwd with kpasswd and didn't need priciple (on client machine) for it.
These are a few things we did at our site with DEC machines. I don't know
about Sun or BSDI.
--
_____
Phi H. Truong "Hmmmmmmmm....... "
orion@iastate.edu ISU Computation Center
Systems Analyst 237 Durham Center ph: (515) 294 -1420
