|
Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000) Previous Document: 2.2. What sort of resources do I need to dedicate to a KDC? Next Document: 2.4. What programs/files need to go on each client? See reader questions & answers on this topic! - Help others by sharing your knowledge As a MINIMUM, on each application server, you'll need to put: * A Kerberos configuration file (/etc/krb5.conf). * The Kerberos application server daemons (telnetd, rlogind, ftpd, etc). * At least one encryption key (usually stored in /etc/krb5.keytab). The encryption key is really the critical part; it needs to be transmitted to the application server host in a secure fashion. This is typically the key for the host principal (host/foo.bar.org@REALM). Note that the MIT admin client kadmin encrypts all of the transfers between it and the admin server, so using ktadd from inside of kadmin is safe, provided that you're not sending your admin password over the network in the clear. You'll probably want to put the Kerberos client binaries on each application server as well, if you plan on having interactive user logins on your application servers. User Contributions:Top Document: Kerberos FAQ, v2.0 (last modified 8/18/2000) Previous Document: 2.2. What sort of resources do I need to dedicate to a KDC? Next Document: 2.4. What programs/files need to go on each client? Single Page [ Usenet FAQs | Web FAQs | Documents | RFC Index ] Send corrections/additions to the FAQ Maintainer: Ken Hornstein <kenh@cmf.nrl.navy.mil>
Last Update March 27 2014 @ 02:11 PM
|
Kerberos FAQ, v2.0 (last modified 8/18/2000)
Section - 2.3. What programs/files need to go on each application server?
Search the FAQ Archives
N - O - P - Q - R - S - T - U - V - W - X - Y - Z
Kerberos FAQ, v2.0 (last modified 8/18/2000)
Section - 2.3. What programs/files need to go on each application server?
( Single Page
)
[ Usenet FAQs | Web FAQs | Documents | RFC Index | Airports ]
Comment about this article, ask questions, or add new information about this topic: