Hello, I'm a newbie to Kerberos trying to set it up at the suggestion of the
handbook's "Securing FreeBSD" section. However, the Kerberos section is heavily
biased towards version 4 and I'm not sure if it's leading me on the right track.
I've figured out how to edit krb5.conf to set my realms, boot up kadmind and kdc
in rc.conf, init the database using k5admin and stash my master key. However,
when adding the two principals the handbook says are needed I get a few warning
messages which I'm nervous about.

kadmin> add --random-password passwd
root/admin@SAKURA's Password: 
Max ticket life [unlimited]:
Max renewable life [unlimited]:
Principal expiration time [never]:
Password expiration time [never]:
Attributes []:
root/admin@SAKURA's Password: 
k5admin: kadm5_create_principal: Client (root/admin@SAKURA) unknown
added passwd@SAKURA with password `not4u2c'
k5admin: adding passwd: Client not found in Kerberos database

It looks like all I need to do is add myself in as a client somehow, but I'd
like to be reassured that the handbook's setup instructions for Kerberos 4
are also the right ones under Kerberos 5. Can anyone do that, or help me through
the correct setup procedure if it's different?

To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-questions" in the body of the message

Reply via email to