Hi again
Still trying to set op the OpenAFS server with Kerberos.
A few questions:
- Is a problem to have all kadmin, kdc, openafs server, and open afsclient
on same machine? Easier if I can very fy the server setup of kerberos/openafs,
on just one machine.
- I have gotten to the part in your "krb5Scripts.txt" file with haedline
"Create an AFS principal in the Kerberos database. Call it:"
Ok then I do that but when I come to "asetkey list" command to list my
AFS KeyFile, it seems I have no such keyfile. How can I create that ?
- I got your fine "afs-client" script along with the aliases "startc", "stopc"
to work fine. But what do I need to have set up before trying to invoke
"afs-server". But perhaps it's the very final step :-) ?
My kdc.conf, kadm5.acl and krb5.conf files currently look like this:
-- kdc.conf --
[kdcdefaults]
acl_file = /var/lib/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/lib/kerberos/krb5kdc/kadm5.keytab
v4_mode = nopreauth
[realms]
DELTA.LOCAL = {
master_key_type = des-cbc-crc
supported_enctypes = arcfour-hmac:normal arcfour-hmac:norealm
arcfour-hmac:onlyrealm des3-hmac-sha1:normal des-hmac-sha1:normal
des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3
}
