Red Hat Kerberos

To configure a basic Red Hat Kerberos server, follow these steps:

1. Ensure that clock synchronization and DNS are running.

2. Install the krb5-libs, krb5-server, and krb5-workstation packages on the KDC system.

3. Edit the /etc/krb5.conf and /var/kerberos/krb5kdc/kdc.conf configuration files to reflect your realm name and domain-to-realm mappings.

4. Create the kerberos database using the following command: /usr/kerberos/sbin/kdb5_util create -s

5. Edit the /var/kerberos/krb5kdc/kadm5.acl file.

6. Start Kerberos using the following commands:

/sbin/service krb5kdc start /sbin/service kadmin start /sbin/service krb524 start

7. Add principals for your users using the addprinc command with kadmin.

8. Verify that the server will issue tickets by running kinit to obtain a ticket and store it in a credential cache file.

For more information about how to configure a Kerberos server, see:

http://www.redhat.com/docs/manuals/linux/RHL-9-Manual/ref-guide/s1-kerberos -server.html

The Red Hat kerberos distribution has the ability to run through the configuration of services within xinetd. Example 14-4 shows the contents of a typical xinetd configuration for some "kerberized" services (from /etc/xinetd.d/).

Example 14-4 xinted service entries krb5-telnet service telnet {

flags = REUSE

socket_type = stream wait = no user = root server = /usr/local/krb5/sbin/telnetd server_args = -X KERBEROS_V4 -a valid log_on_failure += USERID disable = no kshell service kshell {

flags = REUSE

socket_type = stream wait = no user = root server = /usr/local/krb5/sbin/kshd server_args = -5 -c -A disable = no klogin service klogin {

flags = REUSE

socket_type = stream wait = no user = root server = /usr/local/krb5/sbin/klogind server_args = -5 -c disable = no eklogin service eklogin {

flags = REUSE

socket_type = stream wait = no user = root server = /usr/local/krb5/sbin/klogind server_args = -5 -c -e disable = no gss-ftp service ftp {

flags = REUSE

socket_type = stream wait = no user = root server = /usr/local/krb5/sbin/ftpd server_args = -a disable = no

Was this article helpful?

0 0
Project Management Made Easy

Project Management Made Easy

What you need to know about… Project Management Made Easy! Project management consists of more than just a large building project and can encompass small projects as well. No matter what the size of your project, you need to have some sort of project management. How you manage your project has everything to do with its outcome.

Get My Free Ebook


Post a comment