Manualshelf

NFS Services Administrator's Guide (B.11.31.04) March 2009

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 ONC and NFS Software
31323334353637383940
1. Set up the host as a Kerberos client. For more information on setting up the NFS
server as a Kerberos client, see Configuration Guide for Kerberos Client Products
on HP-UX (5991-7685).
NOTE: In all of this section, the following systems will be used as examples:
Kerberos Server: onc52.ind.hp.com
NFS Server: onc20.ind.hp.com
NFS Client: onc36.ind.hp.com
2. Synchronize the date & time of server nodes with kerberos server. To change the
current date and time use date command followed by the current date and time.
For example, enter date 06101130 to set the date to June 10th and time to 11:30
AM. The time difference between the systems should not be more than 5 minutes.
3. Add a principal for all the NFS server to the Kerberos database. For example, if
our NFS server is onc20.ind.hp.com then nfs/onc20.ind.hp.com
principal should be added to the Kerberos database before running the NFS
applications.
To add principals use the Kerberos administration tool, kadminl
onc52# /opt/krb5/admin/kadminl
Connecting as: K/M
Connected to krb5v01 in realm ONC52.IND.HP.COM.
Command: add nfs/onc20.ind.hp.com
Enter password:
Re-enter password for verification:
Enter policy name (Press enter key to apply default policy) :
Principal added.
4. Copy the /etc/krb5.conf file from the Kerberos server to the NFS server node.
onc52# rcp /etc/krb5.conf onc20:/etc/
5. Extract the key for the NFS service principal on the Kerberos server and store it
in the /etc/krb5.keytab file on the NFS server. To extract the key, use the Kerberos
administration tool kadminl.
onc52# /opt/krb5/admin/kadminl
Connecting as: K/M
Connected to krb5v01 in realm ONC52.IND.HP.COM.
Command: ext
Name of Principal (host/onc52.ind.hp.com): nfs/onc20.ind.hp.com
Service Key Table File Name (/opt/krb5/v5srvtab): /etc/onc20.keytab
Principal modified.
Key extracted.
onc52# rcp /etc/onc20.keytab onc20:/etc/krb5.keytab
6. To verify the keys in NFS server, enter the following command in NFS server.
Configuring and Administering an NFS Server 37