Kerberos-4 client configuration

kumar kumareshind at gmx.net
Tue Jul 23 04:06:04 EST 2002 

Thanks for all your responses.I could manage to sync the time.But i found
trouble in making the services to communicate through Kerberos.

Any good tutorial available for kerberos authentication setup.
I am using a tutorial
http://www.pdc.kth.se/kth-krb/doc/kth-krb_4.html
This helped me more to set the server and the client.

The above tutorial contains one info like this:
----------------------------------------------------------------------------
-------
"If no matching realm is found in `krb.realms', DNS is searched for the
correct realm.
For example, if we are looking for host `a.b.c', `krb4-realm.a.b.c' is first
tried and then
`krb4-realm.b.c' and so on. The entry should be a TXT record containing the
name of
the realm, such as:

krb4-realm.pdc.kth.se.  7200    TXT     "NADA.KTH.SE"
----------------------------------------------------------------------------
------------
Where should we add this line?To what file we have to add this line?

I am using a client machine running HP-UX (11.11) , kerberos-IV, Version
1.1.4.
Server Linux(2.4.17) , kerberos-IV version 1.1.4 as the server.Do we have to
add any entry in DNS to use kerberos?

thanks,
Kumaresh

>
> One normally runs ntpd on every machine and configures it to fetch time
> >from one of the atomic clocks.  That should keep your machines in sync
> enough for Kerb not to whine.
>
> - Ben
>
> On Mon, 22 Jul 2002, kumar wrote:
>
> > Hi all,
> >
> > I want to configure Kerberos as the authenticating service for Secure
> > Shell.I am using a Linux machine as the KDC.
> > I have successfully configured the server (Linux machine) as KDC.
> > My client machine is HP-UX Version 11.11.
> > Now when i initialize the client for kerberos by running "kinit" in the
> > HP-UX machine(client), it displays
> > "kinit: Time is out of bounds (krb_rd_req)".
> > Documents educated me to use NTP to synchronize the time of the server
and
> > the client.I could run service "ntpd" in server(Linux machine).
> > So anybody please educate me how to synchronize the two machine's time
so
> > that i can use the kerberos service.
> >
> > Thanks in advance.
> > -Kumaresh.
> >
> >
> >
> > _______________________________________________
> > openssh-unix-dev at mindrot.org mailing list
> > http://www.mindrot.org/mailman/listinfo/openssh-unix-dev
> >

More information about the openssh-unix-dev mailing list