Skip to Main Content
Linux in a Windows World
book

Linux in a Windows World

by Roderick W Smith
February 2005
Beginner content levelBeginner
496 pages
16h 10m
English
O'Reilly Media, Inc.
Content preview from Linux in a Windows World

Linux Kerberos Server Configuration

The single most complex task when you implement Kerberos on your network is to set up the Kerberos server—the KDC. To do this, you start by editing a server configuration file. This isn’t the end of the job, though. You must also create a master key, which is used to encrypt the KDC’s communications. Practical use of a Kerberos realm also requires such administrative tasks as creating principals and configuring access control rules. Finally, you must run the Kerberos servers (the main server and, typically, a separate administrative server).

Kerberos Realm Configuration

MIT Kerberos uses two configuration files: krb5.conf and kdc.conf. Heimdal, though, dispenses with the latter file, so you needn’t be concerned with kdc.conf if you’re configuring Heimdal. The krb5.conf file contains assorted information about your realm and the server’s operation, while the kdc.conf file contains KDC-specific information.

Tip

Application servers and clients need to know much of the realm information in krb5.conf, and so these systems use this file, as well, although some sections are missing or ignored on these systems.

Editing krb5.conf

The KDC’s main configuration file is called krb5.conf. If you install Kerberos from a package, chances are this file will reside in /etc. A sample krb5.conf file appears in Example 9-1.

Example 9-1. Sample krb5.conf listing

[logging] default = FILE:/var/log/krb5libs.log kdc = FILE:/var/log/krb5kdc.log admin_server = FILE:/var/log/kadmind.log ...
Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Ubuntu Made Easy

Ubuntu Made Easy

Rickford Grant, Phil Bull
Ubuntu for Non-Geeks, 4th Edition

Ubuntu for Non-Geeks, 4th Edition

Rickford Grant, Phil Bull
Fedora Bible 2010 Edition: Featuring Fedora Linux 12

Fedora Bible 2010 Edition: Featuring Fedora Linux 12

Christopher Negus, Eric Foster-Johnson
Linux: Powerful Server Administration

Linux: Powerful Server Administration

Uday Sawant, Oliver Pelz, Jonathan Hobson, William Leemans

Publisher Resources

ISBN: 0596007582