|Linux & Unix Commands - Search Man Pages
krb5kdc - Kerberos V5 KDC
krb5kdc [ -d dbname ] [ -k keytype ] [ -M mkeyname ] [ -p portnum ] [ -m ] [ -r realm ] [
-4 v4mode ]
krb5kdc is the Kerberos version 5 Authentication Service and Key Distribution Center
The -r realm option specifies the realm for which the server should provide service; by
default the realm returned by krb5_default_local_realm(3) is used.
The -d dbname option specifies the name under which the principal database can be found;
by default the database is in DEFAULT_DBM_FILE.
The -k keytype option specifies the key type of the master key in the database; the
default is KEYTYPE_DES.
The -M mkeyname option specifies the principal name for the master key in the database;
the default is KRB5_KDB_M_NAME (usually "K/M" in the KDC's realm).
The -p portnum option specifies the default UDP port number which the KDC should listen on
for Kerberos version 5 requests. This value is used when no port is specified in the KDC
profile and when no port is specified in the Kerberos configuration file. If no value is
available, then the value in /etc/services for service "kerberos" is used.
The -m option specifies that the master database password should be fetched from the key-
board rather than from a file on disk.
The -4 option specifies how the KDC responds to kerberos IV requests for tickets. The
command line option overrides the value in the KDC profile. The possible values are none,
disable, full or nopreauth. These instruct the KDC to not respond to V4 packets, to
respond with a version skew error, to issue tickets for all database entries, and to issue
tickets for all but preauthentication required database entries respectively. The default
behaviour is as if nopreauth was specified.
The KDC may service requests for multiple realms (maximum 32 realms). The realms are
listed on the command line. Per-realm options that can be specified on the command line
pertain for each realm that follows it and are superceded by subsequent definitions of the
same option. For example,
krb5kdc -p 2001 -r REALM1 -p 2002 -r REALM2 -r REALM3
specifies that the KDC listen on port 2001 for REALM1 and on port 2002 for REALM2 and
REALM3. Additionally, per-realm parameters may be specified in the kdc.conf file. The
location of this file may be specified by the KRB5_KDC_PROFILE environment variable.
Parameters specified in this file take precedence over options specified on the command
line. See the kdc.conf(5) description for further details.
krb5(3), kdb5_util(8), kdc.conf(5)
It should fork and go into the background when it finishes reading the master password
from the terminal.
All times are GMT -4. The time now is 11:46 AM.