-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 My home network currently has 3 Debian machines (running frozen potato) and I've been trying to setup Heimdal's (version 0.2l-7) Kerberos 5 realm to work between those machines. Once I figured out that heimdal's packages don't create correct /etc/krb5.conf file for me, it was relatively painless to get everything working within KDC machine. However once I wanted to add more hosts into realm, I found myself in trouble, because I was unable to figure out how I am supposed to get correct /etc/krb5.keytab files to non-KDC machines. KDC machine has all things nicely, because I gave add host/some.thing in KDC machine. After surfing around in web and trying to modify bits and pieces that I found from there, I started to wonder if I would have to give myself "get" priviledges in /var/lib/heimdal-kdc/kadm5.acl, so that I would be able to get host keys, when using ktutils and kadmin from remote machines. Even though that kadm5.acl is appearantly supposed to be file, where you simply can't do things in wrong way (you just add name and wanted priviledges), it didn't seem to work for me... (or at least kadmin kept on telling me that I have "none" privileges, when I was trying to use it with anything else than "kadmin -l" in KDC host) Any advices from Kerberos users on how to make those keytab tables so that they would be correctly setup between KDC and other hosts?
- -- Juha Ylitalo [EMAIL PROTECTED] <work e-mail> UPS 3/4 B427 http://wwwinhel.ntc.nokia.com/~jylitalo <work www> +358 40 562 6152 http://www.iki.fi/~jylitalo <public www> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.1 (GNU/Linux) Comment: Made with pgp4pine iD8DBQE43+nts9o7tOc1jEMRAoOBAJ4hC5lajtNU81837Q36eJIO9PX2DwCfVBkd RHLiXwyyu/qymV+7mCQXi8Q= =2Tnq -----END PGP SIGNATURE-----
