[OpenAFS-devel] Suggestions to avoid troubling using Kerberos 5 with OpenAFS
Derek Atkins
warlord@MIT.EDU
10 Nov 2001 11:02:33 -0500
Jim Doyle <doyle@theworld.com> writes:
> [ 1 :: Change the password for the AFS server instance in your KDC ]
>
> [root@prozac etc]# kadmin.local
> Authenticating as principal jdoyle/admin@EXAMPLE.COM with password.
> kadmin.local: cpw -e des-cbc-crc:afs3 afs
> Enter password for principal "afs":
> Re-enter password for principal "afs":
> Password for "afs@EXAMPLE.COM" changed.
>
> [ 2 :: Randomize the AFS key and write to a keytab file ]
>
> kadmin.local: ktadd -k /usr/afs/etc/krb5.keytab -e des-cbc-crc:afs3 afs
> Entry for principal afs with kvno 5, encryption type DES cbc mode with
> CRC-32 added to keytab WRFILE:krb5.keytab.
> kadmin.local: quit
You shouldn't need to do both cpw and ktadd; the ktadd should
automatically change the password for you.
-derek
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available