[4607] in Kerberos
Re: Help needed to start Kerberos V5 B4
daemon@ATHENA.MIT.EDU (jack howard)
Mon Feb 13 08:28:26 1995
To: kerberos@MIT.EDU
Date: 11 Feb 1995 02:48:13 GMT
From: jhoward@sti.nasa.gov (jack howard)
In article <ab5da25f030210042e57@[204.119.83.10]>, topping@org.org (Brian Topping) says:
>This is _all_ I have been able to figure out. What I still need to find
>from other users is
>
>* what entries need to be made to /etc/services
Check ./src/config-files/services.append
>* what daemons need to be started in order to start everything up
The krb5kdc does not seem to be a daemon. I cannot get it to run in background
>* how to test that I have a fully functioning server
>
I'm new to this kerberos stuff. Folks here are interested in making things more
secure so i'm experimenting to see what kerberos could do for us.
I downloaded from athena.dist.mit.edu. Things seem to have compiled ok under my
SUN Solaris 2.3.1 system.
I made the above mentioned changes to my /etc/services. I did a "create" and an
"edit" to add a userid to my database. Since I can't get krb5kdc (the server) to
run in background I open an xterm and run it from the command line with the "-m"
option so it will prompt me for the master database pasword (key). I can then
switch to another xterm and run './kinit userid' which prompts me for userid's
password. If I run ./klist, it tells me I have obtained a ticket.
Thats it, thats as far as i've gotten. Next thing I'll try is the telnetd deamon
and some logons.
The biggest problem so far has been conflicts with the kerberos stuff that SUN
distributes with Solaris. SUN has its own kinit, klist, kdestroy commands. For
a while I was unknowingly executing those versions instead of the new V5 ones.
SUN's kinit gave me a "cannot send request" error msg, the V5 kinit seems to work
fine.
Jack
