7f9939c20d
git-svn-id: svn://svn.h5l.se/heimdal/trunk/heimdal@2384 ec53bebd-3082-4978-b11e-865c3cabbd6b
89 lines
2.2 KiB
Plaintext
89 lines
2.2 KiB
Plaintext
@node Tutorial, , Introduction, Top
|
|
@comment node-name, next, previous, up
|
|
@chapter Tutorial
|
|
|
|
There currently isn't any documentation other than the source. To give
|
|
some example how to you might try this code, we give you a quick
|
|
`tutorial'.
|
|
|
|
First build everything. You should be able to install it with
|
|
@samp{make install} but don't need to. Here are some simple tests to
|
|
exercise the kdc.
|
|
|
|
You will have to create a @file{/etc/krb5.conf} with the following contents:
|
|
|
|
@example
|
|
[realms]
|
|
MY.REALM = @{
|
|
kdc = my.computer
|
|
@}
|
|
[domain_realm]
|
|
my.computer = MY.REALM
|
|
@end example
|
|
|
|
And then,
|
|
|
|
@example
|
|
$ cd kdc
|
|
$ ../admin/kdb_edit
|
|
kdb_edit> init MY.REALM
|
|
Realm max ticket life: [infinite]
|
|
Realm max renewable ticket life: [infinite]
|
|
Default ticket life: [86400]
|
|
Default renewable ticket life: [432000]
|
|
@end example
|
|
|
|
This will create an initial database (in the current directory).
|
|
|
|
@example
|
|
kdb_edit> add me
|
|
Max ticket life [86400]:
|
|
Max renewable ticket [432000]:
|
|
Password:
|
|
Verifying password - Password:
|
|
@end example
|
|
|
|
This will add a principal for you.
|
|
|
|
@example
|
|
kdb_edit> add host/my.computer
|
|
Max ticket life [86400]:
|
|
Max renewable ticket [432000]:
|
|
Password:
|
|
Verifying password - Password:
|
|
@end example
|
|
|
|
This creates a host entry for your computer (this could be anything, but
|
|
a `host' principal is most useful). Try using the password
|
|
@samp{random}. That should generate a random key.
|
|
|
|
Now start the KDC (press control-D to exit kdb_edit).
|
|
|
|
@example
|
|
$ ./kdc &
|
|
@end example
|
|
|
|
Now, try to get some credentials.
|
|
|
|
@example
|
|
$ ../kuser/kinit me
|
|
me@@MY.REALM's Password:
|
|
$ ../kuser/klist
|
|
Credentials cache: /tmp/krb5cc_3008
|
|
Principal: me@@MY.REALM
|
|
|
|
Issued Expires Principal
|
|
Jul 13 07:25:55 Jul 14 07:25:55 krbtgt/MY.REALM@@MY.REALM
|
|
$ ../kuser/kfoo host/my.computer
|
|
$ ../kuser/klist
|
|
Credentials cache: /tmp/krb5cc_3008
|
|
Principal: me@@MY.REALM
|
|
|
|
Issued Expires Principal
|
|
Jul 13 07:25:55 Jul 14 07:25:55 krbtgt/MY.REALM@@MY.REALM
|
|
Jul 13 07:25:55 Jul 14 07:25:55 host/my.computer@@MY.REALM
|
|
@end example
|
|
|
|
Then you should try to run the programs in `appl/test', `appl/rsh', and
|
|
`appl/telnet'. This is left as an exercise to the reader.
|