[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Fsfe-france] kerberos on fr.fsf.org
From: |
loic |
Subject: |
[Fsfe-france] kerberos on fr.fsf.org |
Date: |
Mon, 14 May 2001 22:41:23 +0200 |
>
> BTW, the fact that fr.fsf.org is behind NAT probably means that we
> won't ever be able to use kerberos to connect to it, which I think is
> kind of poor.
Interesting question. Vincent (address@hidden) who designed
the network at Nevrax will be able to tell more. The setup of the "NAT"
is not like any other I know.
I did
apt-get install krb5-user
and got
address@hidden:~$ kinit address@hidden
kinit(v5): Cannot resolve network address for KDC in requested realm while
getting initial credentials
address@hidden:~$
I'm not familiar enough with kerberos to figure out what's wrong.
I installed /etc/krb5.conf with the following (probably old,
that's the one I got a year ago for my machine but it still works well
on another machine):
[libdefaults]
default_realm = GNU.org
default_tgs_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
default_tkt_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
permitted_enctypes = des3-hmac-sha1 des-cbc-crc des-cbc-md5
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
[realms]
ATHENA.MIT.EDU = {
kdc = kerberos.mit.edu:88
kdc = kerberos-1.mit.edu:88
kdc = kerberos-2.mit.edu:88
kdc = kerberos-3.mit.edu:88
admin_server = kerberos.mit.edu
default_domain = mit.edu
}
MEDIA-LAB.MIT.EDU = {
kdc = kerberos.media.mit.edu
admin_server = kerberos.media.mit.edu
}
ZONE.MIT.EDU = {
kdc = casio.mit.edu
kdc = seiko.mit.edu
admin_server = casio.mit.edu
}
MOOF.MIT.EDU = {
kdc = three-headed-dogcow.mit.edu:88
kdc = three-headed-dogcow-1.mit.edu:88
admin_server = three-headed-dogcow.mit.edu
}
CYGNUS.COM = {
kdc = KERBEROS.CYGNUS.COM
kdc = KERBEROS-1.CYGNUS.COM
admin_server = KERBEROS.CYGNUS.COM
}
GREY17.ORG = {
kdc = kerberos.grey17.org
admin_server = kerberos.grey17.org
}
IHTFP.ORG = {
kdc = kerberos.ihtfp.org
admin_server = kerberos.ihtfp.org
}
GNU.ORG = {
kdc = kerberos.gnu.org
kdc = kerberos-2.gnu.org
kdc = kerberos-3.gnu.org
admin_server = kerberos.gnu.org
}
1TS.ORG = {
kdc = kerberos.1ts.org
admin_server = kerberos.1ts.org
}
GRATUITOUS.ORG = {
kdc = kerberos.gratuitous.org
admin_server = kerberos.gratuitous.org
}
DOOMCOM.ORG = {
kdc = kerberos.doomcom.org
admin_server = kerberos.doomcom.org
}
[domain_realm]
.mit.edu = ATHENA.MIT.EDU
mit.edu = ATHENA.MIT.EDU
.media.mit.edu = MEDIA-LAB.MIT.EDU
media.mit.edu = MEDIA-LAB.MIT.EDU
.whoi.edu = ATHENA.MIT.EDU
whoi.edu = ATHENA.MIT.EDU
[login]
krb4_convert = true
krb4_get_tickets = true
- [Fsfe-france] kerberos on fr.fsf.org,
loic <=