SUMMARY: Kerberos V setup on Solaris 9

From: Bhavesh Shah (shah.bhavesh@gene.com)
Date: Tue Feb 21 2006 - 13:17:17 EST


Many Thanks to Edward Farrar for his suggetion and excellent support.

The solution is:
I had to create principal and keytab file for Master and install
kerberised version of telnet and ftp.
the link sent by Edward is great.

http://www.ornl.gov/~jar/HowToKerb.html#Configure

Thanks once again Edward.

My original post was:

Hi Gurus,

>I have been asked to setup Master kerberos and change all passwd to
>kerberized ones. I am new to Kerbros.
>I have setup a Kerberos Master Server V on Solaris 9, created admin
>principal by following instructions on the web site
>http://www.ornl.gov/~jar/HowToKerb.html#Configure
>Now i need to kerberize passwd for which i did following:
>1) edit /etc/passwd and /etc/shadow file and changed the second field to
>KRB for one of the user.
>
>/etc/passwd
>guest:KRB:17349:140:Guest user,:/home/guest:/bin/csh
>
>/etc/shadow
>guest:KRB:13193::::::
>
>2) edit /etc/pam.conf to support ssh kerberose.
>/etc/pam.conf
>sshd auth sufficient /usr/lib/security/pam_krb5.so.1
>try_first_pass
>sshd auth required /usr/lib/security/pam_unix_auth.so.
>
>When i try to login it doesn't let me in. it seems i am missing
>something. can anyone help me in resloving this please?
>Also i need to take the bakcup of Kerberos DB so that if server fails. I
>can setup other server and import this DB and bring up there besides slave.
>Any help is greatly appreciated.
>Best Regards
>shahb
>_______________________________________________
>sunmanagers mailing list
>sunmanagers@sunmanagers.org
>http://www.sunmanagers.org/mailman/listinfo/sunmanagers
_______________________________________________
sunmanagers mailing list
sunmanagers@sunmanagers.org
http://www.sunmanagers.org/mailman/listinfo/sunmanagers



This archive was generated by hypermail 2.1.7 : Wed Apr 09 2008 - 23:39:02 EDT