Heimdal in more than one host...
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
My home network currently has 3 Debian machines (running frozen potato)
and I've been trying to setup Heimdal's (version 0.2l-7) Kerberos 5 realm
to work between those machines.
Once I figured out that heimdal's packages don't create correct
/etc/krb5.conf file for me, it was relatively painless to get everything
working within KDC machine. However once I wanted to add more hosts into
realm, I found myself in trouble, because I was unable to figure out how I
am supposed to get correct /etc/krb5.keytab files to non-KDC
machines. KDC machine has all things nicely, because I gave add
host/some.thing in KDC machine.
After surfing around in web and trying to modify bits and pieces that I
found from there, I started to wonder if I would have to give myself "get"
priviledges in /var/lib/heimdal-kdc/kadm5.acl, so that I would be able to
get host keys, when using ktutils and kadmin from remote machines. Even
though that kadm5.acl is appearantly supposed to be file, where you simply
can't do things in wrong way (you just add name and wanted priviledges),
it didn't seem to work for me... (or at least kadmin kept on telling me
that I have "none" privileges, when I was trying to use it with anything
else than "kadmin -l" in KDC host)
Any advices from Kerberos users on how to make those keytab tables so that
they would be correctly setup between KDC and other hosts?
- --
Juha Ylitalo juha.o.ylitalo@nokia.com <work e-mail>
UPS 3/4 B427 http://wwwinhel.ntc.nokia.com/~jylitalo <work www>
+358 40 562 6152 http://www.iki.fi/~jylitalo <public www>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.1 (GNU/Linux)
Comment: Made with pgp4pine
iD8DBQE43+nts9o7tOc1jEMRAoOBAJ4hC5lajtNU81837Q36eJIO9PX2DwCfVBkd
RHLiXwyyu/qymV+7mCQXi8Q=
=2Tnq
-----END PGP SIGNATURE-----
Reply to: