diff options
| author | Garrett Wollman <wollman@FreeBSD.org> | 1994-02-27 21:17:55 +0000 |
|---|---|---|
| committer | Garrett Wollman <wollman@FreeBSD.org> | 1994-02-27 21:17:55 +0000 |
| commit | fc73393612fd7075c361317ab6339350c99f2674 (patch) | |
| tree | 64b5210ae79c32319a8219d63c39b70a0d795d0d /etc/kerberosIV | |
| parent | 441ef6400bfc20998e95d0aa7aeb4e60c8335c07 (diff) | |
Sample configuration files for Kerberos. (Not restricted.)
Notes
Notes:
svn path=/head/; revision=1220
Diffstat (limited to 'etc/kerberosIV')
| -rw-r--r-- | etc/kerberosIV/README | 35 | ||||
| -rw-r--r-- | etc/kerberosIV/krb.conf | 9 | ||||
| -rw-r--r-- | etc/kerberosIV/krb.realms | 3 |
3 files changed, 47 insertions, 0 deletions
diff --git a/etc/kerberosIV/README b/etc/kerberosIV/README new file mode 100644 index 000000000000..1482e99cd1df --- /dev/null +++ b/etc/kerberosIV/README @@ -0,0 +1,35 @@ +# @(#)README 5.1 (Berkeley) 6/30/90 + +Notes about the contents of the /etc/kerberosIV directory: + +The file master_key contains a copy of the master key under which the +entire Kerberos database is encrypted. Disclosing this key would be bad +news. The reason it is stored in the filesystem is because the following +programs need to inspect or modify the kereros database, and so the key +must be available for them, (or else it would have to be typed in by +hand): + - kerberos (the server itself) + - registerd (for new user registration) + - kpasswdd (for changing passwords) + +The srvtab file contains the encryption keys for each service on the local +host. Any host offering network services would have a key here, although +many such files can be used. + +The principal.* files comprise the Kerberos database itself, and contain +keys for all principles, and should not be world-readable. + +The kerberos.conf file contains the configuration for this machine: + - which realm I'm in + - which servers I should talk to for this realm + +The kerberos.realms file contains the name of Kerberos servers for +various (sub)domains. + +Kerberos log information it placed in /var/log/kerberos.log +(see rc.local to change it) + +The register_keys directory contains a set of files (all of which begin +with "."), each of which contains a des key used for registering new users +with the system. It is used only by the "registerd" program, and only on +a Kerberos server host. diff --git a/etc/kerberosIV/krb.conf b/etc/kerberosIV/krb.conf new file mode 100644 index 000000000000..11ac1ac78b01 --- /dev/null +++ b/etc/kerberosIV/krb.conf @@ -0,0 +1,9 @@ +CS.BERKELEY.EDU +CS.BERKELEY.EDU okeeffe.berkeley.edu +ATHENA.MIT.EDU kerberos.mit.edu +ATHENA.MIT.EDU kerberos-1.mit.edu +ATHENA.MIT.EDU kerberos-2.mit.edu +ATHENA.MIT.EDU kerberos-3.mit.edu +LCS.MIT.EDU kerberos.lcs.mit.edu +TELECOM.MIT.EDU bitsy.mit.edu +ARC.NASA.GOV trident.arc.nasa.gov diff --git a/etc/kerberosIV/krb.realms b/etc/kerberosIV/krb.realms new file mode 100644 index 000000000000..1f1bec58ae95 --- /dev/null +++ b/etc/kerberosIV/krb.realms @@ -0,0 +1,3 @@ +.berkeley.edu CS.BERKELEY.EDU +.MIT.EDU ATHENA.MIT.EDU +.mit.edu ATHENA.MIT.EDU |