@xtccc
2015-09-22T09:30:26.000000Z
字数 823
阅读 2505
Kerberos
在安装好Kerberos的软件之后,会用到几个配置文件,例如
+ /etc/krb5.conf
+ /var/kerberos/krb5kdc/kdc.conf
可以用命令man krb5.conf
来查看关于该配置文件的说明
先看一下该文件的模板:
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
default_realm = EXAMPLE.COM
dns_lookup_realm = false
dns_lookup_kdc = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
[realms]
EXAMPLE.COM = {
kdc = example.com
admin_server = example.com
}
[domain_realm]
.example.com = EXAMPLE.COM
example.com = EXAMPLE.COM
关于几个重要配置项的说明
+ [realms].kdc
: the name of the host running a KDC for that realm.
+ [realms].admin_server
: identifies the host where the administration server is running. Typically this is the Master Kerberos server.
+ [domain_realm]
: provides a translation from a hostname to the Kerberos realm name for the service provided by that host.