Service manual
Chapter 3: Security 41
kadmin: ktadd host/acs48-2.cyclades.com
kadmin: q
To list all configured hosts in the Kerberos server, run the following command, which displays
all hosts added through the ktadd command in the Kerberos server.
# klist -k
7. Configure hostname and domain name.
# hostname acs48-2
# domainname cyclades.com
To access the console server through rlogin and Telnet:
In addition to performing the steps described in To configure the console server for SSH: on
page 40, make the following configuration changes.
1. Configure the /etc/inetd.conf file by uncommenting the following line lines.
#KERBEROS SERVICES
klogin stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/klogind
-ki
telnet stream tcp nowait root /usr/sbin/tcpd /usr/local/sbin/telnetd
2. Restart the inetd service.
# daemon.sh restart NET
3. Save the configuration.
# saveconf
To test the configuration:
1. The client must have a kerberized SSH. In addition, configure the following parameters in the
etc/ssh/ssh_config file.
GSSAPIAuthentication yes
GSSAPICleanupCreds yes
2. The client must have the same krb5.conf file in the Kerberos server.
# scp root@kerberos-server.cyclades.com:/etc/krb5.conf /etc/krb5.conf
3. Request the ticket from the Kerberos server.
# kinit -f -p john
Password for john@CYCLADES.COM: ******
You are prompted to insert the principal password, which is in the Kerberos server database.
4. Check to see if the ticket was received successfully.