adding keys to the client database
Maxwell Bottiger
sleepylight at gmail.com
Thu Sep 1 00:51:59 EDT 2005
Hi.
My venture into kerberos setups is going pretty well so far. I've been able
to build a KDC, connect to it, and add keys for my users and for my hosts.
Now however, I'm running into big problems trying to install the keys onto
the client machines. The tutorial I'm following says that after I create the
host keys I should run:
ktadd -k /etc/krb5.keytab host/blah.example.com <http://blah.example.com>
from inside the client side kadmin program. I've done that, but it's not
working right. Here's a transcrip of my session:
[root at minitop ~]# kadmin
Authenticating as principal root/admin at XXXXXXXXXX.NET with password.
Password for root/admin at XXXXXXXXXXX.NET:
kadmin: ktadd -k /etc/krb5.keytab host/minitop.xxxxxxxxxxx.net
kadmin: Insufficient access to lock database while changing
host/minitop.xxxxxxxxxxx.net's key
kadmin: q
I also get this same insufficient access message when I try to change user
passwords with kpasswd. I've looked on google but haven't found much of
anything. Has anyone else run into this problem?
More information about the Kerberos
mailing list