[2024-feb-29] Sad news: Eric Layton aka Nocturnal Slacker aka vtel57 passed away on Feb 26th, shortly after hospitalization. He was one of our Wiki's most prominent admins. He will be missed.
This is an old revision of the document!
Table of Contents
Install and configuring kerberos On Slackware without PAM
The KDC
This procedure will result in a new Kerberos realm. If you already have access to a Kerberos KDC, you can skip to the client and application server parts. Also, the below procedure is very abbreviated and is not a substitute for reading the documentation supplied in the package or on the MIT Kerberos website.
- Install krb (you can download and build it from http://slackbuilds.org/repository/14.1/network/krb5/)
- Configure /etc/krb5.conf, /var/krb5kdc/kdc.conf and /var/krb5kdc/kadm5.acl . These files are examples which you should adjust after reading the Kerberos documentation.
krb5.conf
[domain_realm] example.com = EXAMPLE.COM .example.com = EXAMPLE.COM [libdefaults] default_realm = EXAMPLE.COM dns_kdc_lookup = true dns_realm_lookup = true forwardable = true renewable = true [realms] EXAMPLE.COM = { kdc = kerberos-1.example.com:88 kdc = kerberos-2.example.com:88 admin_server = kerberos-1.example.com:749 }
kdc.conf
[kdcdefaults] kdc_ports = 749,88 [realms] EXAMPLE.COM = { database_name = /var/krb5kdc/principal admin_keytab = FILE:/var/krb5kdc/kadm5.keytab acl_file = /var/krb5kdc/kadm5.acl key_stash_file = /var/krb5kdc/.k5.EXAMPLE.COM kdc_ports = 749,88 max_life = 10h 0m 0s max_renewable_life = 7d 0h 0m 0s supported_keytypes = aes256-cts des-cbc-crc des-cbc-md5 }
Sources