![[BACK]](/cvsweb/icons/back.gif){kind=icon}
Return to README CVS log ![[TXT]](/cvsweb/icons/text.gif){kind=icon}
![[DIR]](/cvsweb/icons/dir.gif){kind=icon}
Up to [CSRG BSD Unix] / 43BSDReno / etc / kerberosIV|
Return to README CVS log | Up to [CSRG BSD Unix] / 43BSDReno / etc / kerberosIV |
1.1 root 1: # @(#)README 5.1 (Berkeley) 6/30/90
2:
3: Notes about the contents of the /etc/kerberosIV directory:
4:
5: The file master_key contains a copy of the master key under which the
6: entire Kerberos database is encrypted. Disclosing this key would be bad
7: news. The reason it is stored in the filesystem is because the following
8: programs need to inspect or modify the kereros database, and so the key
9: must be available for them, (or else it would have to be typed in by
10: hand):
11: - kerberos (the server itself)
12: - registerd (for new user registration)
13: - kpasswdd (for changing passwords)
14:
15: The srvtab file contains the encryption keys for each service on the local
16: host. Any host offering network services would have a key here, although
17: many such files can be used.
18:
19: The principal.* files comprise the Kerberos database itself, and contain
20: keys for all principles, and should not be world-readable.
21:
22: The kerberos.conf file contains the configuration for this machine:
23: - which realm I'm in
24: - which servers I should talk to for this realm
25:
26: The kerberos.realms file contains the name of Kerberos servers for
27: various (sub)domains.
28:
29: Kerberos log information it placed in /var/log/kerberos.log
30: (see rc.local to change it)
31:
32: The register_keys directory contains a set of files (all of which begin
33: with "."), each of which contains a des key used for registering new users
34: with the system. It is used only by the "registerd" program, and only on
35: a Kerberos server host.
This archive runs on limited infrastructure. Preserving old code on modern bandwidth. Automated agents are requested to crawl responsibly.