Antwort: Easy question: keytab needed for client? [Virus checked]
denis.havlik@t-mobile.at
denis.havlik at t-mobile.at
Tue Apr 13 04:26:12 EDT 2004
>Now I would like to use another client in the network to connect
>slapd with kerberos-authentication. My questions are:
>- Do I need the /etc/krb5.keytab on each client?
No (see my other mail)
>- How can I handle security issues -- the keytab-file contains keys for
>different applications and hosts.
You can have as many keys u want. In particular, I have a separate keytab
for ldap, because ldap runs as user ldap, and can't read the
/etc/krb5.keytab.
>- Do I have to transmit the keytab file via sftpd or is there a kerberos
>tool for that?
kadmin.
hope this helps
Denis
More information about the Kerberos
mailing list