[OpenAFS] Initial server setup
Martin Lütken
mlu@danware.dk
Sat, 21 Apr 2007 00:08:53 +0200
This is a multi-part message in MIME format.
------_=_NextPart_001_01C78398.8498613F
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Hi again
Still trying to set op the OpenAFS server with Kerberos.
A few questions:
- Is a problem to have all kadmin, kdc, openafs server, and open =
afsclient
on same machine? Easier if I can very fy the server setup of =
kerberos/openafs,
on just one machine.
- I have gotten to the part in your "krb5Scripts.txt" file with haedline
"Create an AFS principal in the Kerberos database. Call it:"
Ok then I do that but when I come to "asetkey list" command to list my
AFS KeyFile, it seems I have no such keyfile. How can I create that ?
- I got your fine "afs-client" script along with the aliases "startc", =
"stopc"
to work fine. But what do I need to have set up before trying to =
invoke
"afs-server". But perhaps it's the very final step :-) ?
My kdc.conf, kadm5.acl and krb5.conf files currently look like this:
-- kdc.conf --
[kdcdefaults]
acl_file =3D /var/lib/kerberos/krb5kdc/kadm5.acl
dict_file =3D /usr/share/dict/words
admin_keytab =3D /var/lib/kerberos/krb5kdc/kadm5.keytab
v4_mode =3D nopreauth
[realms]
DELTA.LOCAL =3D {
master_key_type =3D des-cbc-crc
supported_enctypes =3D arcfour-hmac:normal arcfour-hmac:norealm =
arcfour-hmac:onlyrealm des3-hmac-sha1:normal des-hmac-sha1:normal =
des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 des-cbc-crc:afs3
}
------_=_NextPart_001_01C78398.8498613F
Content-Type: text/html;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 3.2//EN">
<HTML>
<HEAD>
<META HTTP-EQUIV=3D"Content-Type" CONTENT=3D"text/html; =
charset=3Diso-8859-1">
<META NAME=3D"Generator" CONTENT=3D"MS Exchange Server version =
6.5.7651.59">
<TITLE>RE: [OpenAFS] Initial server setup</TITLE>
</HEAD>
<BODY>
<!-- Converted from text/plain format -->
<P><FONT SIZE=3D2>Hi again<BR>
<BR>
Still trying to set op the OpenAFS server with Kerberos.<BR>
A few questions:<BR>
- Is a problem to have all kadmin, kdc, openafs server, and open =
afsclient<BR>
on same machine? Easier if I can very fy the server setup of =
kerberos/openafs,<BR>
on just one machine.<BR>
<BR>
- I have gotten to the part in your "krb5Scripts.txt" file =
with haedline<BR>
"Create an AFS principal in the Kerberos database. =
Call it:"<BR>
Ok then I do that but when I come to "asetkey list" =
command to list my<BR>
AFS KeyFile, it seems I have no such keyfile. How can I create =
that ?<BR>
<BR>
- I got your fine "afs-client" script along with the aliases =
"startc", "stopc"<BR>
to work fine. But what do I need to have set up before trying to =
invoke<BR>
"afs-server". But perhaps it's the very final step :-) =
?<BR>
<BR>
<BR>
My kdc.conf, kadm5.acl and krb5.conf files currently look like this:<BR>
<BR>
-- kdc.conf --<BR>
[kdcdefaults]<BR>
acl_file =3D /var/lib/kerberos/krb5kdc/kadm5.acl<BR>
dict_file =3D /usr/share/dict/words<BR>
admin_keytab =3D /var/lib/kerberos/krb5kdc/kadm5.keytab<BR>
v4_mode =3D nopreauth<BR>
<BR>
[realms]<BR>
DELTA.LOCAL =3D {<BR>
master_key_type =3D des-cbc-crc<BR>
supported_enctypes =3D arcfour-hmac:normal arcfour-hmac:norealm =
arcfour-hmac:onlyrealm des3-hmac-sha1:normal des-hmac-sha1:normal =
des-cbc-md5:normal des-cbc-crc:normal des-cbc-crc:v4 =
des-cbc-crc:afs3<BR>
}<BR>
<BR>
</FONT>
</P>
</BODY>
</HTML>
------_=_NextPart_001_01C78398.8498613F--