I had no idea which packages to install, so for now I just threw them all in~
$ sudo apt-get install krb5-*
Edit /etc/krb5.conf and /etc/krb5kdc/kdc.conf as needed.
$ sudo vi /etc/krb5.conf
[libdefaults]
    default_realm = HOGEHOGE.COM
    default_tgs_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
    default_tkt_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
    dns_lookup_realm = false
    dns_lookup_kdc = false

[realms]
    HOGEHOGE.COM = {
        kdc = 192.168.0.3:88
        admin_server = 192.168.0.3
    }
$ sudo vi /etc/krb5kdc/kdc.conf
[kdcdefaults]
    kdc_ports = 750,88

[realms]
    HOGEHOGE.COM = {
        database_name = /var/lib/krb5kdc/principal
        admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
        acl_file = /etc/krb5kdc/kadm5.acl
        key_stash_file = /etc/krb5kdc/stash
        kdc_ports = 750,88
        max_life = 10h 0m 0s
        max_renewable_life = 7d 0h 0m 0s
        master_key_type = des3-hmac-sha1
        supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal des:normal des:v4 des:norealm des:onlyrealm des:afs3
        default_principal_flags = +preauth
    }
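The enctype settings in the two files above include single DES, 3DES and RC4 entries. As an added example (not part of the original post), this Python script parses krb5.conf / kdc.conf text and reports each such entry with its line number. The names `classify`, `audit` and `SAMPLE` are made up for illustration, and the sample is condensed from the settings above.

```python
import re

# Relations in krb5.conf / kdc.conf whose values name enctypes.
ENCTYPE_KEYS = {"default_tgs_enctypes", "default_tkt_enctypes",
                "permitted_enctypes", "supported_enctypes", "master_key_type"}

def classify(enctype):
    """Return why an enctype is weak, or None. Decided by name prefix."""
    name = enctype.split(":", 1)[0].lower()   # drop ":salttype" (kdc.conf)
    if name.startswith("des3"):
        return "3DES, deprecated by RFC 8429"
    if name.startswith("des"):
        return "single DES, deprecated by RFC 6649"
    if name.startswith(("arcfour", "rc4")):
        return "RC4, deprecated by RFC 8429"
    return None

def audit(text):
    """Return (line, section, key, enctype, reason) for every weak enctype."""
    findings, section = [], ""
    for lineno, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        header = re.fullmatch(r"\[(\w+)\]", line)
        if header:
            section = header.group(1)
            continue
        key, sep, value = (part.strip() for part in line.partition("="))
        if not sep or key not in ENCTYPE_KEYS:
            continue                          # comments, braces, other keys
        for enctype in re.split(r"[\s,]+", value):
            reason = classify(enctype)
            if reason:
                findings.append((lineno, section, key, enctype, reason))
    return findings

# Constructed sample (hypothetical single file), condensed from the post.
SAMPLE = """\
[libdefaults]
    default_tgs_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
    default_tkt_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
[realms]
    HOGEHOGE.COM = {
        master_key_type = des3-hmac-sha1
        supported_enctypes = des3-hmac-sha1:normal des-cbc-crc:normal des:normal des:v4 des:norealm des:onlyrealm des:afs3
    }
"""

if __name__ == "__main__":
    print(*audit(SAMPLE), sep="\n")
```

To check real files, pass the contents of /etc/krb5.conf or /etc/krb5kdc/kdc.conf to `audit()` in place of `SAMPLE`.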
Initialize the KDC database~
# kdb5_util create -s
Loading random data
Initializing database '/var/lib/krb5kdc/principal' for realm 'HOGEHOGE.COM',
master key name 'K/M@HOGEHOGE.COM'
You will be prompted for the database Master Password.
It is important that you NOT FORGET this password.
Enter KDC database master key:
Re-enter KDC database master key to verify:
Now create a principal~
# kadmin.local
Authenticating as principal root/admin@HOGEHOGE.COM with password.
kadmin.local: addprinc hoge
WARNING: no policy specified for hoge@HOGEHOGE.COM; defaulting to no policy
Enter password for principal "hoge@HOGEHOGE.COM":
Re-enter password for principal "hoge@HOGEHOGE.COM":
Principal "hoge@HOGEHOGE.COM" created.
kadmin.local: q
Now for a test.
$ kinit hoge
Password for hoge@HOGEHOGE.COM:
New ticket is stored in cache file /tmp/krb5cc_1000
That's it!
Leave me a comment, senpai!!