Antwort: Easy question: keytab needed for client? [Virus checked]

denis.havlik@t-mobile.at denis.havlik at t-mobile.at
Tue Apr 13 04:26:12 EDT 2004


>Now I would like to use another client in the network to connect
>slapd with kerberos-authentication. My questions are:
>- Do I need the /etc/krb5.keytab on each client?

No (see my other mail)

>- How can I handle security issues -- the keytab-file contains keys for
>different applications and hosts.

You can have as many keys u want. In particular, I have a separate keytab 
for ldap, because ldap runs as user ldap, and can't read the 
/etc/krb5.keytab.

>- Do I have to transmit the keytab file  via sftpd or is there a kerberos
>tool for that?

kadmin. 

hope this helps
        Denis



More information about the Kerberos mailing list