For a test setup, we need to create a custom service running on a server and a custom application running on the client. The sample gss client/server from the Kerberos sources is used for demonstration.
Setting this up with plain Kerberos is easy: 1. Create the service principal with $ addprinc -randkey sample/server.domain 2. Add key to keytab $ ktadd ... 3. Copy keytab to server 4. Run the service $ gss_server -port 12345 sample Now, how would one do this with freeipa, using the command line interface? 1. Create service $ ipa service-add sample/server.domain 2a. Create the service key? How? 2b. Generate the keytab for the key? How? 3. Copy the keytab to the server? Manually or is there a freeipa way to do that? Is this approach correct? Any pointer to the relevant documentation would also be helpful. (I'm completely new to freeipa.) Ciao Dominik ^_^ ^_^ -- Dominik Vogt _______________________________________________ FreeIPA-users mailing list -- freeipa-users@lists.fedorahosted.org To unsubscribe send an email to freeipa-users-le...@lists.fedorahosted.org Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/ List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/freeipa-users@lists.fedorahosted.org