Date: Mon, 26 Feb 1996 11:34:21 -0500 From: Ken Lam <klam@awod.com> To: Mark Murray <mark@grondar.za> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Kerberos 4 Slave Server Setup in 2.1 Message-ID: <1.5.4b11.32.19960226163421.0068c12c@awod.com>
next in thread | raw e-mail | index | archive | help
OK. The following is currently what I have done: I have added kpropd to inetd.conf in my slave, it does respond when I telnet to the port. I have a script which uses kdb_util to do a slave_dump and then calls kprop. I'm not quite sure which machines need the 'rcmd' principal and what instance they need, and I may have done the following wrong. rcmd.kerberos and rcmd.indigo are in both master and slave (with an 'ext_srvtab kerberos' srvtab on the slave). the docs say rcmd.HOSTNAME@REALM does that mean rcmd.indigo.awod.com@AWOD.COM ? krb.conf ---- AWOD.COM AWOD.COM moultrie.awod.com admin server AWOD.COM indigo.awod.com krb.realms ---- AWOD.COM AWOD.COM .AWOD.COM AWOD.COM krb.slaves ---- indigo.awod.com this is the console message I receive when trying to propogate: moultrie# /usr/sbin/kdbupdate Start slave propagation: Mon Feb 26 11:09:29 1996 indigo.awod.com: Generic kerberos error (kfailure). Calling krb_sendauth.indigo .awod.com: Generic kerberos error (kfailure). Calling krb_sendauth.indigo.awod. com: Generic kerberos error (kfailure). Calling krb_sendauth.indigo.awod.com: G eneric kerberos error (kfailure). Calling krb_sendauth.indigo.awod.com: Generic kerberos error (kfailure). Calling krb_sendauth.kprop: propagation failed. this is from the kerberos.log: 26-Feb-96 11:09:29 Initial ticket request Host: 198.81.225.2 User: "rcmd" "kerbe ros" 26-Feb-96 11:09:29 APPL Request rcmd.kerberos@AWOD.COM on 198.81.225.2 for rcmd. indigo Thanks again! Ken
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1.5.4b11.32.19960226163421.0068c12c>