[OpenAFS] question about authentication with kerberos and
Default principal
Harald Barth
haba@kth.se
Sat, 03 Mar 2018 21:46:59 +0100 (CET)
> Does heimdal-klist use /etc/krb5.conf or does it use some other
> configuration file? I'm worried I did not set up a config file.
It should use /etc/krb5.conf as well unless KRB5_CONFIG is set.
You should have something like:
[libdefaults]
default_realm = YOURDOMAIN
in there.
> [gsgatlin@localhost ~]$ /usr/bin/heimdal-kinit gsgatlin
or use
/usr/bin/heimdal-kinit gsgatlin@YOURDOMAIN
> Also, going back to the krb5 kinit, how can you specify a FILE: ticket
> cache type ?
Both MIT kinit and heimdal kinit honor the KRB5CCNAME environment
variable which has the form TYPE:location thus a typical way to set
your FILE cache is:
export KRB5CCNAME=FILE:/tmp/krb5cc_`id -u`
Btw: As FILE: is the oldest ticket cache type and the default, any
file name will do. For example:
export KRB5CCNAME=/tmp/whatever
will set it to /tmp/whatever
Greetings,
Harald.