NFS Services Administrator's Guide
Configuring and Administering NFS Services
Configuring and Administering an NFS Server
Chapter 258
NOTE Add a principal for all machines that are going to use the NFS
Service. Also, add a principal for all users who will access the data on
the NFS server. For example, the sample/krbsrv39.anyrealm.com
principal should be added to the Kerberos database before running
the sample applications.
2. To get the initial Ticket Granting Ticket (TGT) to request a service
from the application server, enter the following command:
kinit
username
The password prompt is displayed. Enter the password for the root
principal that is added to the Kerberos database.
3. To verify the TGT, enter the following command:
klist
An output similar to the following output is displayed:
Ticket cache: /tmp/krb5cc_0
Default principal: root@krbhost.anyrealm.com
Valid starting Expires Service principal
Fri 16 Jan 2007 01:44:08 PM PDT Sat 17 Jan 2007 01:44:08 PM
PDT krbtgt/krbhost.anyrealm.com@krbhost.anyrealm.com
4. To verify that the system is set up as a Kerberos client, enter the
following command:
ps -ef |grep kr
An output similar to the following output is displayed:
root 1156 1139 0 Feb 9 ? 0:30
/opt/krb5/sbin/kdcd
root 1139 1 0 Feb 9 ? 0:00
/opt/krb5/sbin/kdcd
root 1154 1 0 Feb 9 ? 15:33
/opt/krb5/sbin/kadmind
This output indicates that the Kerberos daemons are running.
5. To verify that the underlying GSS-API framework is working
properly, run the sample program /usr/contrib/gssapi/sample.