Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!cpk-news-hub1.bbnplanet.com!cam-news-hub1.bbnplanet.com!news.bbnplanet.com!panix!news.panix.com!not-for-mail From: tls@panix.com (Thor Lancelot Simon) Newsgroups: comp.unix.bsd.netbsd.misc Subject: Re: Kerberos functionality/configuration for NetBSD 1.2 Date: 10 Feb 1997 18:29:01 -0500 Organization: Panix Lines: 58 Message-ID: <5doavt$kbk@panix2.panix.com> References: <5dntom$lbt@alexander.INS.CWRU.Edu> Reply-To: tls@rek.tjls.com NNTP-Posting-Host: panix2.panix.com Xref: euryale.cc.adfa.oz.au comp.unix.bsd.netbsd.misc:5335 In article <5dntom$lbt@alexander.INS.CWRU.Edu>, Wes Brown <wes@prozac.student.cwru.edu> wrote: >Well I finally have my hp300 running NetBSD via a very magical setup. Now >I would like to get Kerberos IV connections to this box. The release >version of NetBSD 1.2 did not have the libraries (libkrb.so.2.0...) that >were needed even though I downloaded the full domestic section as well as >all the other binaries. It sounds like the domestic portion of the hp300 distribution wasn't built correctly. Since I'm not the hp300 port maintainer, I can't speak to that. However, 1.2 did ship with function Kerberos clients, servers, and libraries. I use them every day. >I have since downloaded the NetBSD-current/domestic directory and built >that. All of the libraries built and installed. However, the program >klist does not work. The error that is returned reads as follows: >/usr/libexec/ld.so: Undefined symbol "_crypt" in klist:/usr/lib/libkrb.so.2.0 You seem to have the exportable version of libcrypt installed. Did you build and install *all* of domestic/lib, or just the Kerberos libraries? Kerberos is dependent upon the libcrypt encryption functionality, which isn't in the exportable version of libcrypt. >Is there a working verion of klist out there? Is there documentation Yes, the version in the source tree works just fine: | > klist | Ticket file: /tmp/tkt666 | Principal: tls@ATHENA.MIT.EDU | | Issued Expires Principal | Feb 10 17:24:42 Feb 11 03:24:42 krbtgt.ATHENA.MIT.EDU@ATHENA.MIT.EDU >somewhere on the entire KerberosIV on NetBSD? Is there some reason why it The manual pages are decent. From a user's point-of-view, we're just like MIT Kerberos except that some files have moved around, and the manual pages do indicate where those are. Perhaps we should ship a few of the MIT papers in /usr/share/doc. >would be using crypt instead of the other crypts in the kerberos package? The string-to-key routines use crypt() to make a key from the password string. You can't do otherwise and be compatible with MIT Kerberos IV; AFS does do things a bit differently, and you can build our libs to work that way if you like. >Is there a good reason why these kerberos libraries are shared libraries? Is there a good reason why *any* libraries are shared libraries? Same reason. -- Thor Lancelot Simon tls@panix.COM Stumbling drunk in the railyard looking for God: http://www.panix.com/~tls/