From 9ee8327e4599a25480a4319ac89cb05bcbeb17bc Mon Sep 17 00:00:00 2001
From: wollman <wollman@FreeBSD.org>
Date: Sun, 27 Feb 1994 21:17:55 +0000
Subject: Sample configuration files for Kerberos.  (Not restricted.)

---
 etc/kerberosIV/README     | 35 +++++++++++++++++++++++++++++++++++
 etc/kerberosIV/krb.conf   |  9 +++++++++
 etc/kerberosIV/krb.realms |  3 +++
 3 files changed, 47 insertions(+)
 create mode 100644 etc/kerberosIV/README
 create mode 100644 etc/kerberosIV/krb.conf
 create mode 100644 etc/kerberosIV/krb.realms

(limited to 'etc/kerberosIV')

diff --git a/etc/kerberosIV/README b/etc/kerberosIV/README
new file mode 100644
index 0000000..1482e99
--- /dev/null
+++ b/etc/kerberosIV/README
@@ -0,0 +1,35 @@
+#	@(#)README	5.1 (Berkeley) 6/30/90
+
+Notes about the contents of the /etc/kerberosIV directory:
+
+The file master_key contains a copy of the master key under which the
+entire Kerberos database is encrypted.  Disclosing this key would be bad
+news.  The reason it is stored in the filesystem is because the following
+programs need to inspect or modify the kereros database, and so the key
+must be available for them, (or else it would have to be typed in by
+hand):
+		- kerberos (the server itself)
+		- registerd (for new user registration)
+		- kpasswdd (for changing passwords)
+
+The srvtab file contains the encryption keys for each service on the local
+host.  Any host offering network services would have a key here, although
+many such files can be used.
+
+The principal.* files comprise the Kerberos database itself, and contain
+keys for all principles, and should not be world-readable.
+
+The kerberos.conf file contains the configuration for this machine:
+	- which realm I'm in
+	- which servers I should talk to for this realm
+
+The kerberos.realms file contains the name of Kerberos servers for
+various (sub)domains.
+
+Kerberos log information it placed in /var/log/kerberos.log
+(see rc.local to change it)
+
+The register_keys directory contains a set of files (all of which begin
+with "."), each of which contains a des key used for registering new users
+with the system.  It is used only by the "registerd" program, and only on
+a Kerberos server host.
diff --git a/etc/kerberosIV/krb.conf b/etc/kerberosIV/krb.conf
new file mode 100644
index 0000000..11ac1ac
--- /dev/null
+++ b/etc/kerberosIV/krb.conf
@@ -0,0 +1,9 @@
+CS.BERKELEY.EDU
+CS.BERKELEY.EDU	okeeffe.berkeley.edu
+ATHENA.MIT.EDU kerberos.mit.edu
+ATHENA.MIT.EDU kerberos-1.mit.edu
+ATHENA.MIT.EDU kerberos-2.mit.edu
+ATHENA.MIT.EDU kerberos-3.mit.edu
+LCS.MIT.EDU kerberos.lcs.mit.edu
+TELECOM.MIT.EDU bitsy.mit.edu
+ARC.NASA.GOV trident.arc.nasa.gov
diff --git a/etc/kerberosIV/krb.realms b/etc/kerberosIV/krb.realms
new file mode 100644
index 0000000..1f1bec5
--- /dev/null
+++ b/etc/kerberosIV/krb.realms
@@ -0,0 +1,3 @@
+.berkeley.edu	CS.BERKELEY.EDU
+.MIT.EDU	ATHENA.MIT.EDU
+.mit.edu	ATHENA.MIT.EDU
-- 
cgit v1.1