Return to BSD News archive
Path: euryale.cc.adfa.oz.au!newshost.carno.net.au!harbinger.cc.monash.edu.au!lucy.swin.edu.au!news.rmit.EDU.AU!news.unimelb.edu.au!munnari.OZ.AU!news.ecn.uoknor.edu!feed1.news.erols.com!cpk-news-hub1.bbnplanet.com!news.bbnplanet.com!news-peer.sprintlink.net!sprint!news-pull.sprintlink.net!news.sprintlink.net!news.wwa.com!news.ucdavis.edu!quadrophenia.ucdavis.edu!ccjason From: ccjason@quadrophenia.ucdavis.edu (Jason Gabler) Newsgroups: comp.unix.bsd.freebsd.misc Subject: Re: kerberos - help :) Date: 21 Apr 1997 21:43:57 GMT Organization: University of California, Davis Lines: 53 Message-ID: <5jgn2t$b71$1@mark.ucdavis.edu> References: <5j37h6$6n1@usenet88.supernews.com> NNTP-Posting-Host: quadrophenia.ucdavis.edu X-Newsreader: TIN [version 1.2 PL2] Xref: euryale.cc.adfa.oz.au comp.unix.bsd.freebsd.misc:39496 : This is what I get: : bash$ su : su: kerberos: not in root's ACL. : bash# : I assume that I need to start the kerberos server, but I get this in : /var/log/kerberos.log: : 16-Apr-97 14:49:57 kerberos: couldn't get master key. kerberos isn't your problem. try giving root a password with the `passwd' program. But you'll have to get the non kerberized version to do this. I run kerberos w/o a root principal. Root is local. To do this you will need the regular, non-kerberized and the normal `passwd' programs. Call one `passwd' and the other `kpasswd'. This will allow people to change both passwords. Of course you dont need that scenario if you will have 100% kerberized access. If that's the case, you better read up on kerberos. Go to athena-dist.mit.edu:/pub/kerberos and grb some documentation. : I was playing around and reading the man pages and saw that there is a : kadmin utility so I tried adding a user with it, but I get: : admin: ank j : kadm error for realm ATHENA.MIT.EDU: Could not find administrating host : Now, I think that I need to delete the realm ATHENA.MIT.EDU and add : a realm for our server, but I can't figure it out. Are there any : config files for kerberos or anything? Do I even have a clue about : kerberos? :) Anyone know how to remove kerberos so that su acts like : it did in 2.1.7? replace the appropriate programs, /bin/login, /usr/bin/rlogin, etc... with the normal, non-kerberized versions. : Thanks for your time, : J Also, you might want to consider using kerberos v5 instead of the v4 that comes with FreeBSD. It compiles extrememly easily -- Lehitra'ot! jason .,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,.,., | "We've all heard that a million monkeys banging on a million typewriters | | will eventually reproduce the entire works of Shakespeare. Now, thanks | | to the Internet, we know this is not true." - Robert Wilensky, ILP 1996 | |--------------------------------------------------------------------------| | Jason Gabler * Programmer/Analyst * Information Technology * U.C. Davis | | 415 752 1969 ------ httpd://quadrophenia.ucdavis.edu ------ 916 752 9215 | `'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'`'