diff --git a/kadmin/kadmind.8 b/kadmin/kadmind.8 index adb8f41e0..160bf1cb5 100644 --- a/kadmin/kadmind.8 +++ b/kadmin/kadmind.8 @@ -51,7 +51,7 @@ daemon is responsible for the Kerberos 5 password changing protocol .Xr kpasswd 1 ) . .Pp -This daemon should only be run on ther master server, and not on any +This daemon should only be run on the master server, and not on any slaves. .Pp Principals are always allowed to change their own password and list @@ -118,7 +118,7 @@ enable debugging .Fl p Ar port , .Fl -ports= Ns Ar port .Xc -ports to listen to. By default, if run as a daemon, it listen to ports +ports to listen to. By default, if run as a daemon, it listens to ports 749, and 751 (if Kerberos 4 support is built and enabled), but you can add any number of ports with this option. The port string is a whitespace separated list of port specifications, with the special diff --git a/kdc/kdc.8 b/kdc/kdc.8 index 807cc1fbb..f3f9e4b93 100644 --- a/kdc/kdc.8 +++ b/kdc/kdc.8 @@ -30,7 +30,7 @@ .Sh DESCRIPTION .Nm serves requests for tickets. When it starts, it first checks the flags -passed, any options that are not specified with a command line flag is +passed, any options that are not specified with a command line flag are taken from a config file, or from a default compiled-in value. .Pp Options supported: @@ -49,8 +49,8 @@ This is the only value that can't be specified in the config file. Turn off the requirement for pre-autentication in the initial AS-REQ for all principals. The use of pre-authentication makes it more difficult to do offline password attacks. You might want to turn it -off if you have clients that doesn't do pre-authentication. Since the -version 4 protocol doesn't support any pre-authentication, so serving +off if you have clients that don't support pre-authentication. Since the +version 4 protocol doesn't support any pre-authentication, serving version 4 clients is just about the same as not requiring pre-athentication. The default is to require pre-authentication. Adding the require-preauth per principal is a more @@ -93,7 +93,7 @@ will listen on all the locally configured addresses. If only a subset is desired, or the automatic detection fails, this option might be used. .El .Pp -All activities , are logged to one or more destinations, see +All activities are logged to one or more destinations, see .Xr krb5.conf 5 , and .Xr krb5_openlog 3 . @@ -110,7 +110,7 @@ only are found in the section. All the command-line options can preferably be added in the configuration file. The only difference is the pre-authentication flag, -that has to be specified as: +which has to be specified as: .Pp .Dl require-preauth = no .Pp diff --git a/kpasswd/kpasswdd.8 b/kpasswd/kpasswdd.8 index 85e712759..8c6290b8a 100644 --- a/kpasswd/kpasswdd.8 +++ b/kpasswd/kpasswdd.8 @@ -59,17 +59,17 @@ is not zero terminated. .Fl k Ar kspec , .Fl -keytab= Ns Ar kspec .Xc -keytab to get authentication key from +Keytab to get authentication key from .It Xo .Fl r Ar realm , .Fl -realm= Ns Ar realm .Xc -default realm +Default realm .It Xo .Fl p Ar string , .Fl -port= Ns Ar string .Xc -port to listen on (default service kpasswd - 464). +Port to listen on (default service kpasswd - 464). .El .Sh DIAGNOSTICS If an error occurs, the error message is returned to the user and/or