Changeset 3597eb6 for postlfs/security/heimdal.xml
- Timestamp:
- 04/10/2006 06:38:22 PM (18 years ago)
- Branches:
- 10.0, 10.1, 11.0, 11.1, 11.2, 11.3, 12.0, 12.1, 6.2, 6.2.0, 6.2.0-rc1, 6.2.0-rc2, 6.3, 6.3-rc1, 6.3-rc2, 6.3-rc3, 7.10, 7.4, 7.5, 7.6, 7.6-blfs, 7.6-systemd, 7.7, 7.8, 7.9, 8.0, 8.1, 8.2, 8.3, 8.4, 9.0, 9.1, basic, bdubbs/svn, elogind, gnome, kde5-13430, kde5-14269, kde5-14686, kea, ken/TL2024, ken/inkscape-core-mods, ken/tuningfonts, krejzi/svn, lazarus, lxqt, nosym, perl-modules, plabs/newcss, plabs/python-mods, python3.11, qt5new, rahul/power-profiles-daemon, renodr/vulkan-addition, systemd-11177, systemd-13485, trunk, upgradedb, xry111/intltool, xry111/llvm18, xry111/soup3, xry111/test-20220226, xry111/xf86-video-removal
- Children:
- 977061b0
- Parents:
- 0e2aa08
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
postlfs/security/heimdal.xml
r0e2aa08 r3597eb6 105 105 and the KDC server is more than 5 minutes.</para> 106 106 </note> 107 108 <para condition="html" role="usernotes">User Notes: 109 <ulink url="&blfs-wiki;/heimdal"/></para> 107 110 108 111 </sect2> … … 308 311 309 312 [libdefaults] 310 default_realm = <replaceable> [EXAMPLE.COM]</replaceable>313 default_realm = <replaceable><EXAMPLE.COM></replaceable> 311 314 encrypt = true 312 315 313 316 [realms] 314 <replaceable> [EXAMPLE.COM]</replaceable> = {315 kdc = <replaceable> [hostname.example.com]</replaceable>316 admin_server = <replaceable> [hostname.example.com]</replaceable>317 kpasswd_server = <replaceable> [hostname.example.com]</replaceable>317 <replaceable><EXAMPLE.COM></replaceable> = { 318 kdc = <replaceable><hostname.example.com></replaceable> 319 admin_server = <replaceable><hostname.example.com></replaceable> 320 kpasswd_server = <replaceable><hostname.example.com></replaceable> 318 321 } 319 322 320 323 [domain_realm] 321 .<replaceable> [example.com]</replaceable> = <replaceable>[EXAMPLE.COM]</replaceable>324 .<replaceable><example.com></replaceable> = <replaceable><EXAMPLE.COM></replaceable> 322 325 323 326 [logging] … … 331 334 332 335 <para>You will need to substitute your domain and proper hostname 333 for the occurrences of the <replaceable> [hostname]</replaceable>334 and <replaceable> [EXAMPLE.COM]</replaceable> names.</para>336 for the occurrences of the <replaceable><hostname></replaceable> 337 and <replaceable><EXAMPLE.COM></replaceable> names.</para> 335 338 336 339 <para><option>default_realm</option> should be the name of your … … 372 375 statement:</para> 373 376 374 <screen role="root"><userinput>init <replaceable> [EXAMPLE.COM]</replaceable></userinput></screen>377 <screen role="root"><userinput>init <replaceable><EXAMPLE.COM></replaceable></userinput></screen> 375 378 376 379 <para>The database must now be populated with at least one principle … … 379 382 statement:</para> 380 383 381 <screen role="root"><userinput>add <replaceable> [loginname]</replaceable></userinput></screen>384 <screen role="root"><userinput>add <replaceable><loginname></replaceable></userinput></screen> 382 385 383 386 <para>The KDC server and any machine running kerberized 384 387 server daemons must have a host key installed:</para> 385 388 386 <screen role="root"><userinput>add --random-key host/<replaceable> [hostname.example.com]</replaceable></userinput></screen>389 <screen role="root"><userinput>add --random-key host/<replaceable><hostname.example.com></replaceable></userinput></screen> 387 390 388 391 <para>After choosing the defaults when prompted, you will have to 389 392 export the data to a keytab file:</para> 390 393 391 <screen role="root"><userinput>ext host/<replaceable> [hostname.example.com]</replaceable></userinput></screen>394 <screen role="root"><userinput>ext host/<replaceable><hostname.example.com></replaceable></userinput></screen> 392 395 393 396 <para>This should have created two files in … … 402 405 way you created the host principles. Below is an example:</para> 403 406 404 <screen role="root"><userinput>add --random-key ftp/<replaceable> [hostname.example.com]</replaceable></userinput></screen>407 <screen role="root"><userinput>add --random-key ftp/<replaceable><hostname.example.com></replaceable></userinput></screen> 405 408 406 409 <para>(choose the defaults)</para> 407 410 408 <screen role="root"><userinput>ext ftp/<replaceable> [hostname.example.com]</replaceable></userinput></screen>411 <screen role="root"><userinput>ext ftp/<replaceable><hostname.example.com></replaceable></userinput></screen> 409 412 410 413 <para>Exit the <command>kadmin</command> program (use … … 418 421 the following command:</para> 419 422 420 <screen><userinput>kinit <replaceable> [loginname]</replaceable></userinput></screen>423 <screen><userinput>kinit <replaceable><loginname></replaceable></userinput></screen> 421 424 422 425 <para>You will be prompted for the password you created. After you get … … 477 480 unused port number. Add an entry to the <filename>services</filename> 478 481 file similar to the entry below (substitute your chosen port number 479 for <replaceable> [49150]</replaceable>):</para>480 481 <screen><literal>kx <replaceable> [49150]</replaceable>/tcp # Heimdal kerberos X482 kx <replaceable> [49150]</replaceable>/udp # Heimdal kerberos X</literal></screen>482 for <replaceable><49150></replaceable>):</para> 483 484 <screen><literal>kx <replaceable><49150></replaceable>/tcp # Heimdal kerberos X 485 kx <replaceable><49150></replaceable>/udp # Heimdal kerberos X</literal></screen> 483 486 484 487 <para>For additional information consult <ulink … … 508 511 telnet, telnetd, tenletxr, truncate-log, verify_krb5_conf 509 512 and xnlock</seg> 510 <seg>libasn1. [so,a], libeditline.[so,a], libgssapi.[so,a],511 libhdb. [so,a], libkadm5clnt.[so,a], libkadm5srv.[so,a], libkafs.[so,a],512 libkrb5. [so,a], libotp.[so,a], libroken.[so,a], libsl.[so,a]513 and libss. [so,a]</seg>513 <seg>libasn1.{so,a}, libeditline.{so,a}, libgssapi.{so,a}, 514 libhdb.{so,a}, libkadm5clnt.{so,a}, libkadm5srv.{so,a}, libkafs.{so,a}, 515 libkrb5.{so,a}, libotp.{so,a}, libroken.{so,a}, libsl.{so,a} 516 and libss.{so,a}</seg> 514 517 <seg>/etc/heimdal, /usr/include/kadm5, 515 518 /usr/share/doc/heimdal-&heimdal-version; and /var/lib/heimdal</seg> … … 975 978 976 979 <varlistentry id="libasn1"> 977 <term><filename class='libraryfile'>libasn1. [so,a]</filename></term>980 <term><filename class='libraryfile'>libasn1.{so,a}</filename></term> 978 981 <listitem> 979 982 <para>provides the ASN.1 and DER functions to encode and decode 980 983 the Kerberos TGTs.</para> 981 984 <indexterm zone="heimdal libasn1"> 982 <primary sortas="c-libasn1">libasn1. [so,a]</primary>985 <primary sortas="c-libasn1">libasn1.{so,a}</primary> 983 986 </indexterm> 984 987 </listitem> … … 996 999 997 1000 <varlistentry id="libgssapi"> 998 <term><filename class='libraryfile'>libgssapi. [so,a]</filename></term>1001 <term><filename class='libraryfile'>libgssapi.{so,a}</filename></term> 999 1002 <listitem> 1000 1003 <para>contain the Generic Security Service Application Programming … … 1004 1007 portability of applications to different environments.</para> 1005 1008 <indexterm zone="heimdal libgssapi"> 1006 <primary sortas="c-libgssapi">libgssapi. [so,a]</primary>1009 <primary sortas="c-libgssapi">libgssapi.{so,a}</primary> 1007 1010 </indexterm> 1008 1011 </listitem> … … 1010 1013 1011 1014 <varlistentry id="libhdb"> 1012 <term><filename class='libraryfile'>libhdb. [so,a]</filename></term>1015 <term><filename class='libraryfile'>libhdb.{so,a}</filename></term> 1013 1016 <listitem> 1014 1017 <para>is a <application>Heimdal</application> Kerberos 5 1015 1018 authentication/authorization database access library.</para> 1016 1019 <indexterm zone="heimdal libhdb"> 1017 <primary sortas="c-libhdb">libhdb. [so,a]</primary>1020 <primary sortas="c-libhdb">libhdb.{so,a}</primary> 1018 1021 </indexterm> 1019 1022 </listitem> … … 1021 1024 1022 1025 <varlistentry id="libkadm5clnt"> 1023 <term><filename class='libraryfile'>libkadm5clnt. [so,a]</filename></term>1026 <term><filename class='libraryfile'>libkadm5clnt.{so,a}</filename></term> 1024 1027 <listitem> 1025 1028 <para>contains the administrative authentication and password 1026 1029 checking functions required by Kerberos 5 client-side programs.</para> 1027 1030 <indexterm zone="heimdal libkadm5clnt"> 1028 <primary sortas="c-libkadm5clnt">libkadm5clnt. [so,a]</primary>1031 <primary sortas="c-libkadm5clnt">libkadm5clnt.{so,a}</primary> 1029 1032 </indexterm> 1030 1033 </listitem> … … 1032 1035 1033 1036 <varlistentry id="libkadm5srv"> 1034 <term><filename class='libraryfile'>libkadm5srv. [so,a]</filename></term>1037 <term><filename class='libraryfile'>libkadm5srv.{so,a}</filename></term> 1035 1038 <listitem> 1036 1039 <para>contain the administrative authentication and password 1037 1040 checking functions required by Kerberos 5 servers.</para> 1038 1041 <indexterm zone="heimdal libkadm5srv"> 1039 <primary sortas="c-libkadm5srv">libkadm5srv. [so,a]</primary>1042 <primary sortas="c-libkadm5srv">libkadm5srv.{so,a}</primary> 1040 1043 </indexterm> 1041 1044 </listitem> … … 1043 1046 1044 1047 <varlistentry id="libkafs"> 1045 <term><filename class='libraryfile'>libkafs. [so,a]</filename></term>1048 <term><filename class='libraryfile'>libkafs.{so,a}</filename></term> 1046 1049 <listitem> 1047 1050 <para>contains the functions required to authenticated to AFS.</para> 1048 1051 <indexterm zone="heimdal libkafs"> 1049 <primary sortas="c-libkafs">libkafs. [so,a]</primary>1052 <primary sortas="c-libkafs">libkafs.{so,a}</primary> 1050 1053 </indexterm> 1051 1054 </listitem> … … 1053 1056 1054 1057 <varlistentry id="libkrb5"> 1055 <term><filename class='libraryfile'>libkrb5. [so,a]</filename></term>1058 <term><filename class='libraryfile'>libkrb5.{so,a}</filename></term> 1056 1059 <listitem> 1057 1060 <para>is an all-purpose Kerberos 5 library.</para> 1058 1061 <indexterm zone="heimdal libkrb5"> 1059 <primary sortas="c-libkrb5">libkrb5. [so,a]</primary>1062 <primary sortas="c-libkrb5">libkrb5.{so,a}</primary> 1060 1063 </indexterm> 1061 1064 </listitem> … … 1063 1066 1064 1067 <varlistentry id="libotp"> 1065 <term><filename class='libraryfile'>libotp. [so,a]</filename></term>1068 <term><filename class='libraryfile'>libotp.{so,a}</filename></term> 1066 1069 <listitem> 1067 1070 <para>contains the functions required to handle authenticating 1068 1071 one time passwords.</para> 1069 1072 <indexterm zone="heimdal libotp"> 1070 <primary sortas="c-libotp">libotp. [so,a]</primary>1073 <primary sortas="c-libotp">libotp.{so,a}</primary> 1071 1074 </indexterm> 1072 1075 </listitem> … … 1074 1077 1075 1078 <varlistentry id="libroken"> 1076 <term><filename class='libraryfile'>libroken. [so,a]</filename></term>1079 <term><filename class='libraryfile'>libroken.{so,a}</filename></term> 1077 1080 <listitem> 1078 1081 <para>is a library containing Kerberos 5 compatibility 1079 1082 functions.</para> 1080 1083 <indexterm zone="heimdal libroken"> 1081 <primary sortas="c-libroken">libroken. [so,a]</primary>1084 <primary sortas="c-libroken">libroken.{so,a}</primary> 1082 1085 </indexterm> 1083 1086 </listitem>
Note:
See TracChangeset
for help on using the changeset viewer.