Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!news.rmit.EDU.AU!news.unimelb.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!news.maxwell.syr.edu!supernews.com!www.bitstorm.net!j From: J Rowley <j@www.bitstorm.net> Newsgroups: comp.unix.bsd.freebsd.misc Subject: kerberos - help :) Date: 16 Apr 1997 18:58:46 GMT Organization: All USENET -- http://www.Supernews.com Lines: 28 Message-ID: <5j37h6$6n1@usenet88.supernews.com> NNTP-Posting-Host: ns2.bitstorm.net X-Newsreader: TIN [UNIX 1.3 unoff BETA 970309; i386 FreeBSD 2.1.5-RELEASE] Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:39181 I just installed 2.2.1 onto a new server here and I installed kerberos. Now that I've done this, anyone in the wheel group can su to root without a passwd. Oops :) This is what I get: bash$ su su: kerberos: not in root's ACL. bash# I assume that I need to start the kerberos server, but I get this in /var/log/kerberos.log: 16-Apr-97 14:49:57 kerberos: couldn't get master key. I was playing around and reading the man pages and saw that there is a kadmin utility so I tried adding a user with it, but I get: admin: ank j kadm error for realm ATHENA.MIT.EDU: Could not find administrating host Now, I think that I need to delete the realm ATHENA.MIT.EDU and add a realm for our server, but I can't figure it out. Are there any config files for kerberos or anything? Do I even have a clue about kerberos? :) Anyone know how to remove kerberos so that su acts like it did in 2.1.7? Thanks for your time, J