Is there a way to steer kinit to a specific kdc?
Dan Mahoney (Gushi)
danm at prime.gushi.org
Wed Apr 5 00:52:58 EDT 2023
Hey there all.
I'm writing up a Nagios check to make sure our KDC's are answering, and
rather than just sending a tcp/udp probe to port 88, I want to actually
get a ticket, probably by using a keytab and an otherwise unprivileged
user.
I'm reading about one such plugin, here:
https://exchange.nagios.org/directory/Plugins/Security/check_kdc/details
and it looks *okay*. I'm not super invested in reinventing the wheel.
It's a fairly simple shell script.
It *looks* like, in order to check basically fakes this out with a
krb5.conf that only includes a single KDC (the one being tested).
Is that really the best way to go about it?
Can neither mit kinit nor the heimdal one supplied with BSD systems by
default, not just be forced to a single KDC?
-Dan
--
--------Dan Mahoney--------
Techie, Sysadmin, WebGeek
Gushi on efnet/undernet IRC
FB: fb.com/DanielMahoneyIV
LI: linkedin.com/in/gushi
Site: http://www.gushi.org
---------------------------
More information about the Kerberos
mailing list