Man page generated from reStructuredText.
. . .nr rst2man-indent-level 0 . \\$1 \\n[an-margin] level \\n[rst2man-indent-level] level margin: \\n[rst2man-indent\\n[rst2man-indent-level]] - \\n[rst2man-indent0] \\n[rst2man-indent1] \\n[rst2man-indent2] .. .rstReportMargin pre:
. RS \\$1 . nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin] . nr rst2man-indent-level +1 .rstReportMargin post:
.. . RE indent \\n[an-margin]
old: \\n[rst2man-indent\\n[rst2man-indent-level]]
.nr rst2man-indent-level -1 new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.. sserver - sample Kerberos version 5 server sserver [ -p port ] [ -S keytab ] [ server_port ] sserver and \%sclient are a simple demonstration client/server application. When sclient connects to sserver, it performs a Kerberos authentication, and then sserver returns to sclient the Kerberos principal which was used for the Kerberos authentication. It makes a good test that Kerberos has been successfully installed on a machine. The service name used by sserver and sclient is sample. Hence, sserver will require that there be a keytab entry for the service sample/hostname.domain.name@REALM.NAME. This keytab is generated using the \%kadmin program. The keytab file is usually installed as @KTNAME@. The -S option allows for a different keytab than the default. sserver is normally invoked out of inetd(8), using a line in /etc/inetd.conf that looks like this: NDENT 0.0 NDENT 3.5 .EX sample stream tcp nowait root /usr/local/sbin/sserver sserver NINDENT NINDENT Since sample is normally not a port defined in /etc/services, you will usually have to add a line to /etc/services which looks like this: NDENT 0.0 NDENT 3.5 .EX sample 13135/tcp NINDENT NINDENT When using sclient, you will first have to have an entry in the Kerberos database, by using \%kadmin, and then you have to get Kerberos tickets, by using \%kinit. Also, if you are running the sclient program on a different host than the sserver it will be connecting to, be sure that both hosts have an entry in /etc/services for the sample tcp port, and that the same port number is in both files. When you run sclient you should see something like this: NDENT 0.0 NDENT 3.5 .EX sendauth succeeded, reply is: reply len 32, contents: You are nlgilman@JIMI.MIT.EDU NINDENT NINDENT NDENT 0.0 kinit returns the error: NDENT 3.0 NDENT 3.5 .EX kinit: Client not found in Kerberos database while getting initial credentials NINDENT NINDENT This means that you didn\(aqt create an entry for your username in the Kerberos database. sclient returns the error: NDENT 3.0 NDENT 3.5 .EX unknown service sample/tcp; check /etc/services NINDENT NINDENT This means that you don\(aqt have an entry in /etc/services for the sample tcp port. sclient returns the error: NDENT 3.0 NDENT 3.5 .EX connect: Connection refused NINDENT NINDENT This probably means you didn\(aqt edit /etc/inetd.conf correctly, or you didn\(aqt restart inetd after editing inetd.conf. sclient returns the error: NDENT 3.0 NDENT 3.5 .EX sclient: Server not found in Kerberos database while using sendauth NINDENT NINDENT This means that the sample/hostname@LOCAL.REALM service was not defined in the Kerberos database; it should be created using \%kadmin, and a keytab file needs to be generated to make the key for that service principal available for sclient. sclient returns the error: NDENT 3.0 NDENT 3.5 .EX sendauth rejected, error reply is: \(dqNo such file or directory\(dq NINDENT NINDENT This probably means sserver couldn\(aqt find the keytab file. It was probably not installed in the proper directory. NINDENT See \%kerberos for a description of Kerberos environment variables. \%sclient, \%kerberos, services(5), inetd(8) MIT 1985-2025, MIT Generated by docutils manpage writer.
.