Edit the edu.mit.Kerberos file?

Sven Peters MrSven.Peters at epost.de
Sun Sep 29 09:05:01 EDT 2002 

Hi,

I just try to get familiar with Kerberos 4.5 and I read your online
Documentation
(http://web.mit.edu/macdev/Development/MITKerberos/Common/Documentation/
preferences-osx.html). 
I am using Mac OS X 10.2. I installed Mac OS X 10.2 Kerberos Extras.

Now I am at the point to configure the edu.mit.Kerberos file in
/Library/Preferences. As you wrote I need to know: ³...what realms exist,
what Kerberos versions are supported by them, and where to find the
servers.²
I guess I have to use my domain name intead of yours (ATHENA.MIT.EDU), but
I am not sure. How do I know if the Kerberos server at my Mac is running?.
Where to figure out what Kerberos versions are supported on my Mac. 

And is there a Documentation available that explains how the Kerberos
Authentication works? I just want to answer myself some simple questions
like: What user and password entries do I have to use in Kerberos? Are
these the user and password for my netinfo database account or already the
user and password for the program like Fetch? 

Your example for the edu.mit.Kerberos file entries online is the
following:

 ³Here is an example Kerberos configuration:

    [libdefaults]
        default_realm = ATHENA.MIT.EDU
        ticket_lifetime = 600
        default_tkt_enctypes = des-cbc-crc
        default_tgs_enctypes = des-cbc-crc

    [realms]
            ATHENA.MIT.EDU = {
                    kdc = kerberos.mit.edu:88
                    kdc = kerberos-1.mit.edu:88
                    kdc = kerberos-2.mit.edu:88
                    kdc = kerberos-3.mit.edu:88
                    admin_server = kerberos.mit.edu
                    default_domain = mit.edu
            }
            MEDIA-LAB.MIT.EDU = {
                    kdc = kerberos.media.mit.edu
                    admin_server = kerberos.media.mit.edu
            }

    [domain_realm]
        .mit.edu = ATHENA.MIT.EDU
        mit.edu = ATHENA.MIT.EDU
        .media.mit.edu = MEDIA-LAB.MIT.EDU
        media.mit.edu = MEDIA-LAB.MIT.EDU

    [v4 realms]
            ATHENA.MIT.EDU = {
                    kdc = kerberos.mit.edu
                    kdc = kerberos-1.mit.edu
                    kdc = kerberos-2.mit.edu
                    kdc = kerberos-3.mit.edu
                    admin_server = kerberos.mit.edu
                    default_domain = mit.edu
                    string_to_key_type = mit_string_to_key
            }
            UMICH.EDU = {
                    kdc = kerberos.umich.edu
                    admin_server = kerberos.umich.edu
                    default_domain = umich.edu
                    string_to_key_type = afs_string_to_key
            }

    [v4 domain_realm]
        .mit.edu = ATHENA.MIT.EDU
        mit.edu = ATHENA.MIT.EDU
        .umich.edu = UMICH.EDU
        umich.edu = UMICH.EDU²
        
So how do I know what to enter in the edu.mit.Kerberos file for my site?
And where to find it?
And at least what is the style and nomenclature of entries?

I hope you would like to give me a little advise in learning the
configuration of Kerberos.

Thank you already in before!

I hope to hear from you soon,

with regards,

Sven Peters

More information about the krbdev mailing list