diff options
| author | wollman <wollman@FreeBSD.org> | 1994-02-27 21:17:55 +0000 |
|---|---|---|
| committer | wollman <wollman@FreeBSD.org> | 1994-02-27 21:17:55 +0000 |
| commit | 9ee8327e4599a25480a4319ac89cb05bcbeb17bc (patch) | |
| tree | 64b5210ae79c32319a8219d63c39b70a0d795d0d /etc/kerberosIV | |
| parent | 7fc89df0616487fbdeef08a39ec6bf09cb91ee2b (diff) | |
| download | FreeBSD-src-9ee8327e4599a25480a4319ac89cb05bcbeb17bc.zip FreeBSD-src-9ee8327e4599a25480a4319ac89cb05bcbeb17bc.tar.gz | |
Sample configuration files for Kerberos. (Not restricted.)
Diffstat (limited to 'etc/kerberosIV')
| -rw-r--r-- | etc/kerberosIV/README | 35 | ||||
| -rw-r--r-- | etc/kerberosIV/krb.conf | 9 | ||||
| -rw-r--r-- | etc/kerberosIV/krb.realms | 3 |
3 files changed, 47 insertions, 0 deletions
diff --git a/etc/kerberosIV/README b/etc/kerberosIV/README new file mode 100644 index 0000000..1482e99 --- /dev/null +++ b/etc/kerberosIV/README @@ -0,0 +1,35 @@ +# @(#)README 5.1 (Berkeley) 6/30/90 + +Notes about the contents of the /etc/kerberosIV directory: + +The file master_key contains a copy of the master key under which the +entire Kerberos database is encrypted. Disclosing this key would be bad +news. The reason it is stored in the filesystem is because the following +programs need to inspect or modify the kereros database, and so the key +must be available for them, (or else it would have to be typed in by +hand): + - kerberos (the server itself) + - registerd (for new user registration) + - kpasswdd (for changing passwords) + +The srvtab file contains the encryption keys for each service on the local +host. Any host offering network services would have a key here, although +many such files can be used. + +The principal.* files comprise the Kerberos database itself, and contain +keys for all principles, and should not be world-readable. + +The kerberos.conf file contains the configuration for this machine: + - which realm I'm in + - which servers I should talk to for this realm + +The kerberos.realms file contains the name of Kerberos servers for +various (sub)domains. + +Kerberos log information it placed in /var/log/kerberos.log +(see rc.local to change it) + +The register_keys directory contains a set of files (all of which begin +with "."), each of which contains a des key used for registering new users +with the system. It is used only by the "registerd" program, and only on +a Kerberos server host. diff --git a/etc/kerberosIV/krb.conf b/etc/kerberosIV/krb.conf new file mode 100644 index 0000000..11ac1ac --- /dev/null +++ b/etc/kerberosIV/krb.conf @@ -0,0 +1,9 @@ +CS.BERKELEY.EDU +CS.BERKELEY.EDU okeeffe.berkeley.edu +ATHENA.MIT.EDU kerberos.mit.edu +ATHENA.MIT.EDU kerberos-1.mit.edu +ATHENA.MIT.EDU kerberos-2.mit.edu +ATHENA.MIT.EDU kerberos-3.mit.edu +LCS.MIT.EDU kerberos.lcs.mit.edu +TELECOM.MIT.EDU bitsy.mit.edu +ARC.NASA.GOV trident.arc.nasa.gov diff --git a/etc/kerberosIV/krb.realms b/etc/kerberosIV/krb.realms new file mode 100644 index 0000000..1f1bec5 --- /dev/null +++ b/etc/kerberosIV/krb.realms @@ -0,0 +1,3 @@ +.berkeley.edu CS.BERKELEY.EDU +.MIT.EDU ATHENA.MIT.EDU +.mit.edu ATHENA.MIT.EDU |
