[443] in Kerberos
Crossing Realms
daemon@TELECOM.MIT.EDU (Doug Alan)
Tue Jul 12 01:03:30 1988
From: Doug Alan <nessus@ATHENA.MIT.EDU>
To: kerberos@ATHENA.MIT.EDU
So, is there anyone who would like to tell me the details of what I
have to do to get inter-realm access to work? Let's say, for example,
that from an Athena workstation, WS.MIT.EDU, I want to write files on
the NFS server, SERVER.MIT.EDU, which is in the EECS.MIT.EDU domain.
Let's also say that there is a kerberos server for the EECS.MIT.EDU
domain called KERBEROS.EECS.MIT.EDU.
Before this will work, do KERBEROS.EECS.MIT.EDU and KERBEROS.MIT.EDU
have to have exchanged some kind of password between them so that they
will be able to identify each other? If so, is this done with the
usual service instance mechanism, with a password that goes in
/etc/srvtab? What is the name of this instance?
Then I have to add a line to /usr/etc/credentials on SERVER.MIT.EDU,
to grant access to nessus@ATHENA.MIT.EDU? What does this line look
like? "nessus@ATHENA.MIT.EDU:654"?
Then I have to add a line to /etc/krb.realms on WS.MIT.EDU? What does
this line look like? "server.mit.edu EECS.MIT.EDU"?
Is there anything else that I am missing?
|>oug /\lan
