Home Man
Today's Posts

Linux & Unix Commands - Search Man Pages

RedHat 9 (Linux i386) - man page for krb5kdc (redhat section 8)

KRB5KDC(8)			     System Manager's Manual			       KRB5KDC(8)

       krb5kdc - Kerberos V5 KDC

       krb5kdc	[ -d dbname ] [ -k keytype ] [ -M mkeyname ] [ -p portnum ] [ -m ] [ -r realm ] [
       -4 v4mode ]

       krb5kdc is the Kerberos version 5  Authentication  Service  and	Key  Distribution  Center

       The  -r	realm  option specifies the realm for which the server should provide service; by
       default the realm returned by krb5_default_local_realm(3) is used.

       The -d dbname option specifies the name under which the principal database can  be  found;
       by default the database is in DEFAULT_DBM_FILE.

       The  -k	keytype  option  specifies  the  key  type of the master key in the database; the
       default is KEYTYPE_DES.

       The -M mkeyname option specifies the principal name for the master key  in  the	database;
       the default is KRB5_KDB_M_NAME (usually "K/M" in the KDC's realm).

       The -p portnum option specifies the default UDP port number which the KDC should listen on
       for Kerberos version 5 requests.  This value is used when no port is specified in the  KDC
       profile	and when no port is specified in the Kerberos configuration file.  If no value is
       available, then the value in /etc/services for service "kerberos" is used.

       The -m option specifies that the master database password should be fetched from the  key-
       board rather than from a file on disk.

       The  -4	option	specifies  how the KDC responds to kerberos IV requests for tickets.  The
       command line option overrides the value in the KDC profile.  The possible values are none,
       disable,  full  or  nopreauth.	These  instruct  the KDC to not respond to V4 packets, to
       respond with a version skew error, to issue tickets for all database entries, and to issue
       tickets	for all but preauthentication required database entries respectively. The default
       behaviour is as if nopreauth was specified.

       The KDC may service requests for multiple realms (maximum  32  realms).	 The  realms  are
       listed  on  the command line.  Per-realm options that can be specified on the command line
       pertain for each realm that follows it and are superceded by subsequent definitions of the
       same option.  For example,

       krb5kdc -p 2001 -r REALM1 -p 2002 -r REALM2 -r REALM3

       specifies  that	the  KDC  listen  on port 2001 for REALM1 and on port 2002 for REALM2 and
       REALM3.	Additionally, per-realm parameters may be specified in the  kdc.conf  file.   The
       location  of  this  file  may  be  specified by the KRB5_KDC_PROFILE environment variable.
       Parameters specified in this file take precedence over options specified  on  the  command
       line.  See the kdc.conf(5) description for further details.

       krb5(3), kdb5_util(8), kdc.conf(5)

       It  should  fork  and  go into the background when it finishes reading the master password
       from the terminal.


All times are GMT -4. The time now is 07:31 AM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
Show Password