User Tools
настройка_kdc_серверов_и_клиентов
Differences
This shows you the differences between two versions of the page.
| Both sides previous revision Previous revision Next revision | Previous revision | ||
|
настройка_kdc_серверов_и_клиентов [2016/10/06 09:05] val [Установка] |
настройка_kdc_серверов_и_клиентов [2023/02/17 10:32] (current) val [Отладка] |
||
|---|---|---|---|
| Line 4: | Line 4: | ||
| * [[Финальная настройка DNS сервера]] | * [[Финальная настройка DNS сервера]] | ||
| + | * [[Сервис DNS#Утилиты тестирования DNS]] | ||
| * [[Сервис NTP]] | * [[Сервис NTP]] | ||
| Line 10: | Line 11: | ||
| ==== Установка ==== | ==== Установка ==== | ||
| - | === Ubuntu (MIT) === | + | === Debian/Ubuntu (MIT) === |
| <code> | <code> | ||
| root@server:~# apt install krb5-kdc krb5-admin-server | root@server:~# apt install krb5-kdc krb5-admin-server | ||
| </code> | </code> | ||
| - | |||
| - | === FreeBSD (Heimdal) === | ||
| - | <code> | ||
| - | [server:~] # cat /etc/rc.conf | ||
| - | </code><code> | ||
| - | ... | ||
| - | kdc_enable="YES" # FreeBSD10 | ||
| - | ... | ||
| - | </code> | ||
| - | |||
| ==== Настройка ==== | ==== Настройка ==== | ||
| Line 36: | Line 27: | ||
| </code> | </code> | ||
| - | === Ubuntu (MIT) === | + | === Debian/Ubuntu (MIT) === |
| <code> | <code> | ||
| - | root@server:~# mv /dev/random /dev/random.bak | ||
| - | root@server:~# ln -s /dev/urandom /dev/random | ||
| - | |||
| root@server:~# krb5_newrealm | root@server:~# krb5_newrealm | ||
| </code><code> | </code><code> | ||
| Line 51: | Line 39: | ||
| </code> | </code> | ||
| - | === FreeBSD (Heimdal) === | + | |
| - | <code> | + | |
| - | server# kstash | + | |
| - | </code><code> | + | |
| - | Master key: sdfsd787sg8df7gsd | + | |
| - | </code><code> | + | |
| - | server# kadmin -l | + | |
| - | </code><code> | + | |
| - | kadmin> init CORPX.UN | + | |
| - | Realm max ticket life [unlimited]: | + | |
| - | Realm max renewable ticket life [unlimited]: | + | |
| - | kadmin> quit | + | |
| - | </code> | + | |
| ==== Запуск ==== | ==== Запуск ==== | ||
| - | |||
| - | === FreeBSD10 === | ||
| - | <code> | ||
| - | [server:~] # service kdc start | ||
| - | </code> | ||
| === Ubuntu/Debian === | === Ubuntu/Debian === | ||
| Line 79: | Line 50: | ||
| ==== Отладка ==== | ==== Отладка ==== | ||
| - | === FreeBSD === | + | === Debian/Ubuntu === |
| <code> | <code> | ||
| - | # tail -f /var/heimdal/kdc.log | + | server# tail -f /var/log/auth.log |
| </code> | </code> | ||
| + | * [[ Регистрация ключей принципалов в KDC]] | ||
| ===== Настройка Kerberos клиента ===== | ===== Настройка Kerberos клиента ===== | ||
| ==== Инсталляция ==== | ==== Инсталляция ==== | ||
| - | === Ubuntu/Debian === | + | === Debian/Ubuntu === |
| <code> | <code> | ||
| # apt install krb5-user | # apt install krb5-user | ||
| Line 110: | Line 82: | ||
| </code> | </code> | ||
| + | ===== FreeBSD (Heimdal) ===== | ||
| + | |||
| + | <code> | ||
| + | [server:~] # cat /etc/rc.conf | ||
| + | </code><code> | ||
| + | ... | ||
| + | kdc_enable="YES" # FreeBSD10 | ||
| + | ... | ||
| + | </code> | ||
| + | |||
| + | <code> | ||
| + | server# kstash | ||
| + | </code><code> | ||
| + | Master key: sdfsd787sg8df7gsd | ||
| + | </code><code> | ||
| + | server# kadmin -l | ||
| + | </code><code> | ||
| + | kadmin> init CORPX.UN | ||
| + | Realm max ticket life [unlimited]: | ||
| + | Realm max renewable ticket life [unlimited]: | ||
| + | kadmin> quit | ||
| + | </code> | ||
| + | <code> | ||
| + | [server:~] # service kdc start | ||
| + | </code> | ||
| + | |||
| + | <code> | ||
| + | server# tail -f /var/heimdal/kdc.log | ||
| + | </code> | ||
настройка_kdc_серверов_и_клиентов.1475733914.txt.gz · Last modified: 2016/10/06 09:05 (external edit)
Page Tools
Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
