Home Man
Today's Posts

Linux & Unix Commands - Search Man Pages

RedHat 9 (Linux i386) - man page for sserver (redhat section 8)

SSERVER(8)			     System Manager's Manual			       SSERVER(8)

       sserver - sample Kerberos version 5 server

       sserver [ -p port ] [ -S keytab ] [ server_port ]

       sserver	and  sclient  are a simple demonstration client/server application.  When sclient
       connects to sserver, it performs a Kerberos authentication, and then  sserver  returns  to
       sclient the Kerberos principal which was used for the Kerberos authentication.  It makes a
       good test that Kerberos has been successfully installed on a machine.

       The service name used by sserver and sclient is sample.	Hence, sserver will require  that
       there  be  a  keytab entry for the service "sample/hostname.domain.name@REALM.NAME".  This
       keytab is generated using the kadmin(8) program.  The keytab file is usually installed  as

       The -S option allows for a different keytab than the default.

       sserver	is  normally  invoked out of inetd(8), using a line in /etc/inetd.conf that looks
       like this:

       sample  stream  tcp     nowait  root /usr/kerberos/sbin/sserver	sserver

       Since sample is normally not a port defined in /etc/services, you will usually have to add
       a line to /etc/services which looks like this:

       sample	       13135/tcp

       When  using  sclient,  you  will  first have to have an entry in the Kerberos database, by
       using kadmin(8), and then you have to get Kerberos tickets, by using kinit(8).	Also,  if
       you  are  running the sclient program on a different host than the sserver it will be con-
       necting to, be sure that both hosts have an entry in  /etc/services  for  the  sample  tcp
       port, and that the same port number is in both files.

       When you run sclient you should see something like this:

       sendauth succeeded, reply is:
       reply len 32, contents:
       You are nlgilman@JIMI.MIT.EDU

       1)  kinit returns the error:

       kinit: Client not found in Kerberos database while getting initial credentials

       This means that you didn't create an entry for your username in the Kerberos database.

       2)  sclient returns the error:

       unknown service sample/tcp; check /etc/services

       This means that you don't have an entry in /etc/services for the sample tcp port.

       3)  sclient returns the error:

       connect: Connection refused

       This probably means you didn't edit /etc/inetd.conf correctly, or you didn't restart inetd
       after editing inetd.conf.

       4)  sclient returns the error:

       sclient: Server not found in Kerberos database while using sendauth

       This means that the "sample/hostname@LOCAL.REALM" service was not defined in the  Kerberos
       database;  it  should  be created using kadmin, and a keytab file needs to be generated to
       make the key for that service principal available for ssclient.

       5)  sclient returns the error:

       sendauth rejected, error reply is:
	       " No such file or directory"

       This probably means sserver couldn't find the keytab file.  It was probably not	installed
       in the proper directory.

       sclient(1), services(5), inetd(8)


All times are GMT -4. The time now is 04:09 PM.

Unix & Linux Forums Content Copyrightę1993-2018. All Rights Reserved.
Show Password