...
Créer le principal du client sous kadmin (depuis le client) et générer stocker la clé localement (dans /etc/krb5.keytab) :
| Bloc de code |
|---|
x[root@clinux log]# kadmin Authenticating as principal root/admin@UNIV-RENNES1.FR with password. Password for root/admin@UNIV-RENNES1.FR: kadmin: addprinc -randkey host/clinux.ifsic.univ-rennes1.fr WARNING: no policy specified for host/clinux.ifsic.univ-rennes1.fr@UNIV-RENNES1.FR; defaulting to no policy Principal "host/clinux.ifsic.univ-rennes1.fr@UNIV-RENNES1.FR" created. kadmin: ktadd -k /etc/krb5.keytab host/clinux.ifsic.univ-rennes1.fr Entry for principal host/clinux.ifsic.univ-rennes1.fr with kvno 3, encryption type AES-256 CTS mode with 96-bit SHA-1 HMAC added to keytab WRFILE:/etc/krb5.keytab. Entry for principal host/clinux.ifsic.univ-rennes1.fr with kvno 3, encryption type AES-128 CTS mode with 96-bit SHA-1 HMAC added to keytab WRFILE:/etc/krb5.keytab. Entry for principal host/clinux.ifsic.univ-rennes1.fr with kvno 3, encryption type Triple DES cbc mode with HMAC/sha1 added to keytab WRFILE:/etc/krb5.keytab. Entry for principal host/clinux.ifsic.univ-rennes1.fr with kvno 3, encryption type ArcFour with HMAC/md5 added to keytab WRFILE:/etc/krb5.keytab. Entry for principal host/clinux.ifsic.univ-rennes1.fr with kvno 3, encryption type DES with HMAC/sha1 added to keytab WRFILE:/etc/krb5.keytab. Entry for principal host/clinux.ifsic.univ-rennes1.fr with kvno 3, encryption type DES cbc mode with RSA-MD5 added to keytab WRFILE:/etc/krb5.keytab. kadmin: exit [root@clinux log]# |
A compléter