Erik Haller <[email protected]> writes: > Incidentally, the output from krb5_newrealm (latest version) shows:
> root@lime:t# krb5_newrealm > This script should be run on the master KDC/admin server to initialize > a Kerberos realm. It will ask you to type in a master key password. > This password will be used to generate a key that is stored in > /etc/krb5kdc/stash. You should try to remember this password, but it > is much more important that it be a strong password than that it be > remembered. However, if you lose the password and /etc/krb5kdc/stash, > you cannot decrypt your Kerberos database. > Loading random data > Initializing database '/etc/krb5kdc/principal' for realm 'EXAMPLE.COM', > master key name 'K/[email protected]' > You will be prompted for the database Master Password. > It is important that you NOT FORGET this password. > Enter KDC database master key: > Looks like krb5_newrealm is choosing a default location of /etc/krb5kdc > instead of /var ... Yeah, it sure does. I think that's the bug rather than the krb5-admin-server configuration, since that stuff is really supposed to be in /var/lib/krb5kdc. -- Russ Allbery ([email protected]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
