1997-09-04 06:04:33 +00:00
|
|
|
|
\input texinfo @c -*- texinfo -*-
|
|
|
|
|
@c %**start of header
|
2000-01-09 08:31:47 +00:00
|
|
|
|
@c $Id: kth-krb.texi,v 1.80 1999/12/02 16:58:35 joda Exp $
|
1997-09-04 06:04:33 +00:00
|
|
|
|
@setfilename kth-krb.info
|
|
|
|
|
@settitle KTH-KRB
|
|
|
|
|
@iftex
|
|
|
|
|
@afourpaper
|
|
|
|
|
@end iftex
|
|
|
|
|
@c some sensible characters, please?
|
|
|
|
|
@tex
|
|
|
|
|
\input latin1.tex
|
|
|
|
|
@end tex
|
|
|
|
|
@setchapternewpage on
|
|
|
|
|
@syncodeindex pg cp
|
|
|
|
|
@c %**end of header
|
|
|
|
|
|
1999-09-19 14:19:32 +00:00
|
|
|
|
@ifinfo
|
1997-09-04 06:04:33 +00:00
|
|
|
|
@dircategory Kerberos
|
|
|
|
|
@direntry
|
|
|
|
|
* Kth-krb: (kth-krb). The Kerberos IV distribution from KTH
|
|
|
|
|
@end direntry
|
1999-09-19 14:19:32 +00:00
|
|
|
|
@end ifinfo
|
1997-09-04 06:04:33 +00:00
|
|
|
|
|
|
|
|
|
@c title page
|
|
|
|
|
@titlepage
|
|
|
|
|
@title KTH-KRB
|
|
|
|
|
@subtitle Kerberos 4 from KTH
|
1999-09-19 14:19:32 +00:00
|
|
|
|
@subtitle For release 0.10.
|
|
|
|
|
@subtitle 1999
|
1997-09-04 06:04:33 +00:00
|
|
|
|
@author Johan Danielsson
|
|
|
|
|
@author Assar Westerlund
|
2000-01-09 08:31:47 +00:00
|
|
|
|
@author last updated $Date: 1999/12/02 16:58:35 $
|
1997-09-04 06:04:33 +00:00
|
|
|
|
|
|
|
|
|
@def@copynext{@vskip 20pt plus 1fil@penalty-1000}
|
|
|
|
|
@def@copyrightstart{}
|
|
|
|
|
@def@copyrightend{}
|
|
|
|
|
@page
|
|
|
|
|
@copyrightstart
|
1999-09-19 14:19:32 +00:00
|
|
|
|
Copyright (c) 1995-1999 Kungliga Tekniska H<>gskolan
|
1997-09-04 06:04:33 +00:00
|
|
|
|
(Royal Institute of Technology, Stockholm, Sweden).
|
|
|
|
|
All rights reserved.
|
|
|
|
|
|
|
|
|
|
Redistribution and use in source and binary forms, with or without
|
|
|
|
|
modification, are permitted provided that the following conditions
|
|
|
|
|
are met:
|
|
|
|
|
|
|
|
|
|
1. Redistributions of source code must retain the above copyright
|
|
|
|
|
notice, this list of conditions and the following disclaimer.
|
|
|
|
|
|
|
|
|
|
2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
|
notice, this list of conditions and the following disclaimer in the
|
|
|
|
|
documentation and/or other materials provided with the distribution.
|
|
|
|
|
|
2000-01-09 08:31:47 +00:00
|
|
|
|
3. Neither the name of the Institute nor the names of its contributors
|
1997-09-04 06:04:33 +00:00
|
|
|
|
may be used to endorse or promote products derived from this software
|
|
|
|
|
without specific prior written permission.
|
|
|
|
|
|
|
|
|
|
THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
|
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
|
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
|
ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE
|
|
|
|
|
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
|
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
|
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
|
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
|
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
|
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
|
SUCH DAMAGE.
|
|
|
|
|
|
|
|
|
|
@copynext
|
|
|
|
|
|
|
|
|
|
Copyright (C) 1995 Eric Young (eay@@mincom.oz.au)
|
|
|
|
|
All rights reserved.
|
|
|
|
|
|
|
|
|
|
Redistribution and use in source and binary forms, with or without
|
|
|
|
|
modification, are permitted provided that the following conditions
|
|
|
|
|
are met:
|
|
|
|
|
|
|
|
|
|
1. Redistributions of source code must retain the copyright
|
|
|
|
|
notice, this list of conditions and the following disclaimer.
|
|
|
|
|
|
|
|
|
|
2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
|
notice, this list of conditions and the following disclaimer in the
|
|
|
|
|
documentation and/or other materials provided with the distribution.
|
|
|
|
|
|
|
|
|
|
3. All advertising materials mentioning features or use of this software
|
|
|
|
|
must display the following acknowledgement:
|
|
|
|
|
This product includes software developed by Eric Young (eay@@mincom.oz.au)
|
|
|
|
|
|
|
|
|
|
THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
|
|
|
|
|
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
|
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
|
ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
|
|
|
|
|
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
|
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
|
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
|
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
|
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
|
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
|
SUCH DAMAGE.
|
|
|
|
|
|
|
|
|
|
@copynext
|
|
|
|
|
|
|
|
|
|
Copyright (c) 1983, 1990 The Regents of the University of California.
|
|
|
|
|
All rights reserved.
|
|
|
|
|
|
|
|
|
|
Redistribution and use in source and binary forms, with or without
|
|
|
|
|
modification, are permitted provided that the following conditions
|
|
|
|
|
are met:
|
|
|
|
|
|
|
|
|
|
1. Redistributions of source code must retain the above copyright
|
|
|
|
|
notice, this list of conditions and the following disclaimer.
|
|
|
|
|
|
|
|
|
|
2. Redistributions in binary form must reproduce the above copyright
|
|
|
|
|
notice, this list of conditions and the following disclaimer in the
|
|
|
|
|
documentation and/or other materials provided with the distribution.
|
|
|
|
|
|
|
|
|
|
3. All advertising materials mentioning features or use of this software
|
|
|
|
|
must display the following acknowledgement:
|
|
|
|
|
This product includes software developed by the University of
|
|
|
|
|
California, Berkeley and its contributors.
|
|
|
|
|
|
|
|
|
|
4. Neither the name of the University nor the names of its contributors
|
|
|
|
|
may be used to endorse or promote products derived from this software
|
|
|
|
|
without specific prior written permission.
|
|
|
|
|
|
|
|
|
|
THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND
|
|
|
|
|
ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
|
|
|
|
|
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
|
|
|
|
|
ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE
|
|
|
|
|
FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
|
|
|
|
|
DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
|
|
|
|
|
OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
|
|
|
|
|
HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
|
|
|
|
|
LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
|
|
|
|
|
OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
|
|
|
|
|
SUCH DAMAGE.
|
|
|
|
|
|
|
|
|
|
@copynext
|
|
|
|
|
|
|
|
|
|
Copyright (C) 1990 by the Massachusetts Institute of Technology
|
|
|
|
|
|
|
|
|
|
Export of this software from the United States of America is assumed
|
|
|
|
|
to require a specific license from the United States Government.
|
|
|
|
|
It is the responsibility of any person or organization contemplating
|
|
|
|
|
export to obtain such a license before exporting.
|
|
|
|
|
|
|
|
|
|
WITHIN THAT CONSTRAINT, permission to use, copy, modify, and
|
|
|
|
|
distribute this software and its documentation for any purpose and
|
|
|
|
|
without fee is hereby granted, provided that the above copyright
|
|
|
|
|
notice appear in all copies and that both that copyright notice and
|
|
|
|
|
this permission notice appear in supporting documentation, and that
|
|
|
|
|
the name of M.I.T. not be used in advertising or publicity pertaining
|
|
|
|
|
to distribution of the software without specific, written prior
|
|
|
|
|
permission. M.I.T. makes no representations about the suitability of
|
|
|
|
|
this software for any purpose. It is provided "as is" without express
|
|
|
|
|
or implied warranty.
|
|
|
|
|
|
|
|
|
|
@copynext
|
|
|
|
|
|
|
|
|
|
Copyright 1987, 1989 by the Student Information Processing Board
|
|
|
|
|
of the Massachusetts Institute of Technology
|
|
|
|
|
|
|
|
|
|
Permission to use, copy, modify, and distribute this software
|
|
|
|
|
and its documentation for any purpose and without fee is
|
|
|
|
|
hereby granted, provided that the above copyright notice
|
|
|
|
|
appear in all copies and that both that copyright notice and
|
|
|
|
|
this permission notice appear in supporting documentation,
|
|
|
|
|
and that the names of M.I.T. and the M.I.T. S.I.P.B. not be
|
|
|
|
|
used in advertising or publicity pertaining to distribution
|
|
|
|
|
of the software without specific, written prior permission.
|
|
|
|
|
M.I.T. and the M.I.T. S.I.P.B. make no representations about
|
|
|
|
|
the suitability of this software for any purpose. It is
|
|
|
|
|
provided "as is" without express or implied warranty.
|
|
|
|
|
|
|
|
|
|
@copynext
|
|
|
|
|
|
|
|
|
|
Copyright 1992 Simmule Turner and Rich Salz. All rights reserved.
|
|
|
|
|
|
|
|
|
|
This software is not subject to any license of the American Telephone
|
|
|
|
|
and Telegraph Company or of the Regents of the University of California.
|
|
|
|
|
|
|
|
|
|
Permission is granted to anyone to use this software for any purpose on
|
|
|
|
|
any computer system, and to alter it and redistribute it freely, subject
|
|
|
|
|
to the following restrictions:
|
|
|
|
|
|
|
|
|
|
1. The authors are not responsible for the consequences of use of this
|
|
|
|
|
software, no matter how awful, even if they arise from flaws in it.
|
|
|
|
|
|
|
|
|
|
2. The origin of this software must not be misrepresented, either by
|
|
|
|
|
explicit claim or by omission. Since few users ever read sources,
|
|
|
|
|
credits must appear in the documentation.
|
|
|
|
|
|
|
|
|
|
3. Altered versions must be plainly marked as such, and must not be
|
|
|
|
|
misrepresented as being the original software. Since few users
|
|
|
|
|
ever read sources, credits must appear in the documentation.
|
|
|
|
|
|
|
|
|
|
4. This notice may not be removed or altered.
|
|
|
|
|
|
|
|
|
|
@copyrightend
|
|
|
|
|
@end titlepage
|
|
|
|
|
|
|
|
|
|
@c Less filling! Tastes great!
|
|
|
|
|
@iftex
|
|
|
|
|
@parindent=0pt
|
|
|
|
|
@global@parskip 6pt plus 1pt
|
|
|
|
|
@global@chapheadingskip = 15pt plus 4pt minus 2pt
|
|
|
|
|
@global@secheadingskip = 12pt plus 3pt minus 2pt
|
|
|
|
|
@global@subsecheadingskip = 9pt plus 2pt minus 2pt
|
|
|
|
|
@end iftex
|
|
|
|
|
@ifinfo
|
|
|
|
|
@paragraphindent 0
|
|
|
|
|
@end ifinfo
|
|
|
|
|
|
|
|
|
|
@ifinfo
|
|
|
|
|
@node Top, Introduction, (dir), (dir)
|
|
|
|
|
@top KTH-krb
|
|
|
|
|
@end ifinfo
|
|
|
|
|
|
|
|
|
|
@menu
|
|
|
|
|
* Introduction::
|
|
|
|
|
* What is Kerberos?::
|
|
|
|
|
* Installing programs::
|
|
|
|
|
* How to set up a realm::
|
|
|
|
|
* One-Time Passwords::
|
|
|
|
|
* Resolving frequent problems::
|
|
|
|
|
* Acknowledgments::
|
|
|
|
|
* Index::
|
|
|
|
|
|
1999-09-19 14:19:32 +00:00
|
|
|
|
@detailmenu
|
1997-09-04 06:04:33 +00:00
|
|
|
|
--- The Detailed Node Listing ---
|
|
|
|
|
|
|
|
|
|
Installing programs
|
|
|
|
|
|
|
|
|
|
* Installing from source::
|
|
|
|
|
* Installing a binary distribution::
|
|
|
|
|
* Finishing the installation::
|
|
|
|
|
* Authentication modules::
|
|
|
|
|
|
|
|
|
|
Finishing the installation
|
|
|
|
|
|
|
|
|
|
* Authentication modules::
|
|
|
|
|
|
|
|
|
|
Authentication modules
|
|
|
|
|
|
|
|
|
|
* Digital SIA::
|
|
|
|
|
* IRIX::
|
|
|
|
|
* PAM::
|
|
|
|
|
|
|
|
|
|
How to set up a realm
|
|
|
|
|
|
|
|
|
|
* How to set up the kerberos server::
|
|
|
|
|
* Install the client programs::
|
|
|
|
|
* Install the kerberised services::
|
|
|
|
|
* Install a slave kerberos server::
|
|
|
|
|
* Cross-realm functionality ::
|
|
|
|
|
|
|
|
|
|
How to set up the kerberos server
|
|
|
|
|
|
|
|
|
|
* Choose a realm name::
|
|
|
|
|
* Choose a kerberos server::
|
|
|
|
|
* Install the configuration files::
|
|
|
|
|
* Install the /etc/services::
|
|
|
|
|
* Install the kerberos server::
|
|
|
|
|
* Set up the server::
|
|
|
|
|
* Add a few important principals::
|
|
|
|
|
* Start the server::
|
|
|
|
|
* Try to get tickets::
|
|
|
|
|
* Create initial ACL for the admin server::
|
|
|
|
|
* Start the admin server::
|
|
|
|
|
* Add users to the database::
|
|
|
|
|
* Automate the startup of the servers::
|
|
|
|
|
|
|
|
|
|
One-Time Passwords
|
|
|
|
|
|
|
|
|
|
* What are one time passwords?::
|
|
|
|
|
* When to use one time passwords?::
|
|
|
|
|
* Configuring OTPs::
|
|
|
|
|
|
|
|
|
|
Resolving frequent problems
|
|
|
|
|
|
|
|
|
|
* Problems compiling Kerberos::
|
1999-09-19 14:19:32 +00:00
|
|
|
|
* Problems with firewalls::
|
1997-09-04 06:04:33 +00:00
|
|
|
|
* Common error messages::
|
1999-09-19 14:19:32 +00:00
|
|
|
|
* Is Kerberos year 2000 safe?::
|
|
|
|
|
|
|
|
|
|
@end detailmenu
|
1997-09-04 06:04:33 +00:00
|
|
|
|
@end menu
|
|
|
|
|
|
|
|
|
|
@include intro.texi
|
|
|
|
|
@include whatis.texi
|
|
|
|
|
@include install.texi
|
|
|
|
|
@include setup.texi
|
|
|
|
|
@include otp.texi
|
|
|
|
|
@include problems.texi
|
|
|
|
|
@include ack.texi
|
|
|
|
|
@include index.texi
|
|
|
|
|
|
|
|
|
|
@c @shortcontents
|
|
|
|
|
@contents
|
|
|
|
|
|
|
|
|
|
@bye
|