On 1/4/19 9:14 AM, Robbie Harwood wrote:
The KDC and kadmin want several low-number ports, including 88, 749, and possibly 754.
It's possible (on Linux) to give utilities access to bind to ports below 1024 as non-root user by adding the cap_net_bind_service capability via the setcap command.
Aside: How well would Kerberos work if these services ran on a high port and IPTables magic was used to redirect requests to the low ports up to high ports?
-- Grant. . . . unix || die
smime.p7s
Description: S/MIME Cryptographic Signature
________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
