[OpenAFS] question about authentication with kerberos and Default principal

Harald Barth haba@kth.se
Sat, 03 Mar 2018 21:46:59 +0100 (CET)

> Does  heimdal-klist use /etc/krb5.conf or does it use some other
> configuration file? I'm worried I did not set up a config file.

It should use /etc/krb5.conf as well unless KRB5_CONFIG is set.

You should have something like:

        default_realm = YOURDOMAIN

in there.

> [gsgatlin@localhost ~]$ /usr/bin/heimdal-kinit gsgatlin

or use 

/usr/bin/heimdal-kinit gsgatlin@YOURDOMAIN

> Also, going back to the krb5 kinit, how can you specify a FILE: ticket
> cache type ?

Both MIT kinit and heimdal kinit honor the KRB5CCNAME environment
variable which has the form TYPE:location thus a typical way to set
your FILE cache is:

export KRB5CCNAME=FILE:/tmp/krb5cc_`id -u`

Btw: As FILE: is the oldest ticket cache type and the default, any
file name will do. For example:

export KRB5CCNAME=/tmp/whatever

will set it to /tmp/whatever