Browse Source

Add sample kerberosIV configuration files

OPENBSD_2_0
tholo 29 years ago
parent
commit
7cb8eb037b
5 changed files with 49 additions and 0 deletions
  1. +9
    -0
      src/etc/Makefile
  2. +36
    -0
      src/etc/kerberosIV/README
  3. +2
    -0
      src/etc/kerberosIV/krb.conf
  4. +1
    -0
      src/etc/kerberosIV/krb.equiv
  5. +1
    -0
      src/etc/kerberosIV/krb.realms

+ 9
- 0
src/etc/Makefile View File

@ -56,6 +56,15 @@ distribution: distrib-dirs
rm -f ${DESTDIR}/.cshrc ${DESTDIR}/.profile; \ rm -f ${DESTDIR}/.cshrc ${DESTDIR}/.profile; \
ln ${DESTDIR}/root/.cshrc ${DESTDIR}/.cshrc; \ ln ${DESTDIR}/root/.cshrc ${DESTDIR}/.cshrc; \
ln ${DESTDIR}/root/.profile ${DESTDIR}/.profile) ln ${DESTDIR}/root/.profile ${DESTDIR}/.profile)
(cd kerberosIV; \
install -c -o root -g wheel -m 644 README \
${DESTDIR}/etc/kerberosIV; \
install -c -o root -g wheel -m 644 krb.conf \
${DESTDIR}/etc/kerberosIV; \
install -c -o root -g wheel -m 644 krb.equiv \
${DESTDIR}/etc/kerberosIV; \
install -c -o root -g wheel -m 444 krb.realms \
${DESTDIR}/etc/kerberosIV)
(cd mtree; \ (cd mtree; \
install -c -o root -g wheel -m 600 special \ install -c -o root -g wheel -m 600 special \
${DESTDIR}/etc/mtree; \ ${DESTDIR}/etc/mtree; \


+ 36
- 0
src/etc/kerberosIV/README View File

@ -0,0 +1,36 @@
# from @(#)README 8.1 (Berkeley) 6/9/93
# $Id: README,v 1.1 1995/12/16 21:12:08 tholo Exp $
Notes about the contents of the /etc/kerberosIV directory:
The file master_key contains a copy of the master key under which the
entire Kerberos database is encrypted. Disclosing this key would be bad
news. The reason it is stored in the filesystem is because the following
programs need to inspect or modify the kereros database, and so the key
must be available for them, (or else it would have to be typed in by
hand):
- kerberos (the server itself)
- registerd (for new user registration)
- kpasswdd (for changing passwords)
The srvtab file contains the encryption keys for each service on the local
host. Any host offering network services would have a key here, although
many such files can be used.
The principal.* files comprise the Kerberos database itself, and contain
keys for all principles, and should not be world-readable.
The kerberos.conf file contains the configuration for this machine:
- which realm I'm in
- which servers I should talk to for this realm
The kerberos.realms file contains the name of Kerberos servers for
various (sub)domains.
Kerberos log information it placed in /var/log/kerberos.log
(see rc.local to change it)
The register_keys directory contains a set of files (all of which begin
with "."), each of which contains a des key used for registering new users
with the system. It is used only by the "registerd" program, and only on
a Kerberos server host.

+ 2
- 0
src/etc/kerberosIV/krb.conf View File

@ -0,0 +1,2 @@
MY.DOMAIN
MY.DOMAIN me.my.domain admin server

+ 1
- 0
src/etc/kerberosIV/krb.equiv View File

@ -0,0 +1 @@
#1.2.3.4 4.3.2.1

+ 1
- 0
src/etc/kerberosIV/krb.realms View File

@ -0,0 +1 @@
.my.domain MY.DOMAIN

Loading…
Cancel
Save