On Thu, Feb 13, 2014 at 8:59 PM, fork <[email protected]> wrote: > I figure I would > install Kerberos and OpenAFS, but I am hoping to avoid BIND if I can. I > thought I would install the Kerberos key server on the same machine as > OpenAFS, since it is a toy system anyway.
By the way, if you're looking for a DNS server that's simpler than BIND, here's the dnsmasq.conf section that I use for my small OpenAFS cell and Kerberos realm: # Kerberos txt-record=_kerberos.ktdreyer.com,"KTREYER.COM" srv-host=_kerberos._udp.ktdreyer.com,"kdc1.ktdreyer.com",88 srv-host=_kerberos._tcp.ktdreyer.com,"kdc1.ktdreyer.com",88 srv-host=_kerberos-master._udp.ktdreyer.com,"kdc1.ktdreyer.com",88 srv-host=_kerberos-adm._tcp.ktdreyer.com,"kdc1.ktdreyer.com",749 srv-host=_kpasswd._udp.ktdreyer.com,"kdc1.ktdreyer.com",464 # OpenAFS srv-host=_afs3-prserver._udp.ktdreyer.com,"afsdb1.ktdreyer.com",7002 srv-host=_afs3-vlserver._udp.ktdreyer.com,"afsdb1.ktdreyer.com",7003 "kdc1.ktdreyer.com" runs my MIT Kerberos KDC (CentOS 6), and "afsdb1.ktdreyer.com" runs the AFS vlserver and ptserver, but there's no reason they couldn't be the same system. I just configure the dnsmasq daemon on the router on my LAN (running OpenWRT). - Ken _______________________________________________ OpenAFS-info mailing list [email protected] https://lists.openafs.org/mailman/listinfo/openafs-info
