1\input texinfo @c -*- texinfo -*- 2@c %**start of header 3@c $Id: heimdal.texi 22191 2007-12-06 17:26:30Z lha $ 4@setfilename heimdal.info 5@settitle HEIMDAL 6@iftex 7@afourpaper 8@end iftex 9@c some sensible characters, please? 10@tex 11\input latin1.tex 12@end tex 13@setchapternewpage on 14@syncodeindex pg cp 15@c %**end of header 16 17@include vars.texi 18 19@set UPDATED $Date: 2007-12-06 09:26:30 -0800 (Tor, 06 Dec 2007) $ 20@set VERSION @value{PACKAGE_VERSION} 21@set EDITION 1.0 22 23@ifinfo 24@dircategory Security 25@direntry 26* Heimdal: (heimdal). The Kerberos 5 distribution from KTH 27@end direntry 28@end ifinfo 29 30@c title page 31@titlepage 32@title Heimdal 33@subtitle Kerberos 5 from KTH 34@subtitle Edition @value{EDITION}, for version @value{VERSION} 35@subtitle 2007 36@author Johan Danielsson 37@author Love H�rnquist �strand 38@author Assar Westerlund 39@author last updated @value{UPDATED} 40 41@def@copynext{@vskip 20pt plus 1fil@penalty-1000} 42@def@copyrightstart{} 43@def@copyrightend{} 44@page 45@copyrightstart 46Copyright (c) 1997-2007 Kungliga Tekniska H�gskolan 47(Royal Institute of Technology, Stockholm, Sweden). 48All rights reserved. 49 50Redistribution and use in source and binary forms, with or without 51modification, are permitted provided that the following conditions 52are met: 53 541. Redistributions of source code must retain the above copyright 55 notice, this list of conditions and the following disclaimer. 56 572. Redistributions in binary form must reproduce the above copyright 58 notice, this list of conditions and the following disclaimer in the 59 documentation and/or other materials provided with the distribution. 60 613. Neither the name of the Institute nor the names of its contributors 62 may be used to endorse or promote products derived from this software 63 without specific prior written permission. 64 65THIS SOFTWARE IS PROVIDED BY THE INSTITUTE AND CONTRIBUTORS ``AS IS'' AND 66ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 67IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 68ARE DISCLAIMED. IN NO EVENT SHALL THE INSTITUTE OR CONTRIBUTORS BE LIABLE 69FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 70DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 71OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 72HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 73LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 74OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 75SUCH DAMAGE. 76 77@copynext 78 79Copyright (C) 1990 by the Massachusetts Institute of Technology 80 81Export of this software from the United States of America may 82require a specific license from the United States Government. 83It is the responsibility of any person or organization contemplating 84export to obtain such a license before exporting. 85 86WITHIN THAT CONSTRAINT, permission to use, copy, modify, and 87distribute this software and its documentation for any purpose and 88without fee is hereby granted, provided that the above copyright 89notice appear in all copies and that both that copyright notice and 90this permission notice appear in supporting documentation, and that 91the name of M.I.T. not be used in advertising or publicity pertaining 92to distribution of the software without specific, written prior 93permission. M.I.T. makes no representations about the suitability of 94this software for any purpose. It is provided "as is" without express 95or implied warranty. 96 97@copynext 98 99Copyright (c) 1988, 1990, 1993 100 The Regents of the University of California. All rights reserved. 101 102Redistribution and use in source and binary forms, with or without 103modification, are permitted provided that the following conditions 104are met: 105 1061. Redistributions of source code must retain the above copyright 107 notice, this list of conditions and the following disclaimer. 108 1092. Redistributions in binary form must reproduce the above copyright 110 notice, this list of conditions and the following disclaimer in the 111 documentation and/or other materials provided with the distribution. 112 1133. Neither the name of the University nor the names of its contributors 114 may be used to endorse or promote products derived from this software 115 without specific prior written permission. 116 117THIS SOFTWARE IS PROVIDED BY THE REGENTS AND CONTRIBUTORS ``AS IS'' AND 118ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 119IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 120ARE DISCLAIMED. IN NO EVENT SHALL THE REGENTS OR CONTRIBUTORS BE LIABLE 121FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 122DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 123OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 124HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 125LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 126OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 127SUCH DAMAGE. 128 129@copynext 130 131Copyright 1992 Simmule Turner and Rich Salz. All rights reserved. 132 133This software is not subject to any license of the American Telephone 134and Telegraph Company or of the Regents of the University of California. 135 136Permission is granted to anyone to use this software for any purpose on 137any computer system, and to alter it and redistribute it freely, subject 138to the following restrictions: 139 1401. The authors are not responsible for the consequences of use of this 141 software, no matter how awful, even if they arise from flaws in it. 142 1432. The origin of this software must not be misrepresented, either by 144 explicit claim or by omission. Since few users ever read sources, 145 credits must appear in the documentation. 146 1473. Altered versions must be plainly marked as such, and must not be 148 misrepresented as being the original software. Since few users 149 ever read sources, credits must appear in the documentation. 150 1514. This notice may not be removed or altered. 152 153@copynext 154 155IMath is Copyright 2002-2005 Michael J. Fromberger 156You may use it subject to the following Licensing Terms: 157 158Permission is hereby granted, free of charge, to any person obtaining 159a copy of this software and associated documentation files (the 160"Software"), to deal in the Software without restriction, including 161without limitation the rights to use, copy, modify, merge, publish, 162distribute, sublicense, and/or sell copies of the Software, and to 163permit persons to whom the Software is furnished to do so, subject to 164the following conditions: 165 166The above copyright notice and this permission notice shall be 167included in all copies or substantial portions of the Software. 168 169THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, 170EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF 171MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. 172IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY 173CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, 174TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE 175SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 176 177@copynext 178 179Copyright (c) 2005 Doug Rabson 180All rights reserved. 181 182Redistribution and use in source and binary forms, with or without 183modification, are permitted provided that the following conditions 184are met: 1851. Redistributions of source code must retain the above copyright 186 notice, this list of conditions and the following disclaimer. 1872. Redistributions in binary form must reproduce the above copyright 188 notice, this list of conditions and the following disclaimer in the 189 documentation and/or other materials provided with the distribution. 190 191THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 192ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 193IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 194ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 195FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 196DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 197OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 198HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 199LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 200OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 201SUCH DAMAGE. 202 203@copynext 204 205Copyright (c) 2005 Marko Kreen 206All rights reserved. 207 208Redistribution and use in source and binary forms, with or without 209modification, are permitted provided that the following conditions 210are met: 2111. Redistributions of source code must retain the above copyright 212 notice, this list of conditions and the following disclaimer. 2132. Redistributions in binary form must reproduce the above copyright 214 notice, this list of conditions and the following disclaimer in the 215 documentation and/or other materials provided with the distribution. 216 217THIS SOFTWARE IS PROVIDED BY THE AUTHOR AND CONTRIBUTORS ``AS IS'' AND 218ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 219IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE 220ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE 221FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL 222DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS 223OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 224HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT 225LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY 226OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF 227SUCH DAMAGE. 228 229@copynext 230 231Copyright (c) 2006,2007 232NTT (Nippon Telegraph and Telephone Corporation) . All rights reserved. 233 234Redistribution and use in source and binary forms, with or without 235modification, are permitted provided that the following conditions 236are met: 2371. Redistributions of source code must retain the above copyright 238 notice, this list of conditions and the following disclaimer as 239 the first lines of this file unmodified. 2402. Redistributions in binary form must reproduce the above copyright 241 notice, this list of conditions and the following disclaimer in the 242 documentation and/or other materials provided with the distribution. 243 244THIS SOFTWARE IS PROVIDED BY NTT ``AS IS'' AND ANY EXPRESS OR 245IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES 246OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. 247IN NO EVENT SHALL NTT BE LIABLE FOR ANY DIRECT, INDIRECT, 248INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 249NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, 250DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY 251THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT 252(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF 253THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. 254 255@copyrightend 256@end titlepage 257 258@macro manpage{man, section} 259@cite{\man\(\section\)} 260@end macro 261 262@c Less filling! Tastes great! 263@iftex 264@parindent=0pt 265@global@parskip 6pt plus 1pt 266@global@chapheadingskip = 15pt plus 4pt minus 2pt 267@global@secheadingskip = 12pt plus 3pt minus 2pt 268@global@subsecheadingskip = 9pt plus 2pt minus 2pt 269@end iftex 270@ifinfo 271@paragraphindent 0 272@end ifinfo 273 274@ifnottex 275@node Top, Introduction, (dir), (dir) 276@top Heimdal 277@end ifnottex 278 279This manual is last updated @value{UPDATED} for version 280@value{VERSION} of Heimdal. 281 282@menu 283* Introduction:: 284* What is Kerberos?:: 285* Building and Installing:: 286* Setting up a realm:: 287* Applications:: 288* Things in search for a better place:: 289* Kerberos 4 issues:: 290* Windows 2000 compatability:: 291* Programming with Kerberos:: 292* Migration:: 293* Acknowledgments:: 294 295@detailmenu 296 --- The Detailed Node Listing --- 297 298Setting up a realm 299 300* Configuration file:: 301* Creating the database:: 302* Modifying the database:: 303* keytabs:: 304* Serving Kerberos 4/524/kaserver:: 305* Remote administration:: 306* Password changing:: 307* Testing clients and servers:: 308* Slave Servers:: 309* Incremental propagation:: 310* Encryption types and salting:: 311* Cross realm:: 312* Transit policy:: 313* Setting up DNS:: 314* Using LDAP to store the database:: 315* Providing Kerberos credentials to servers and programs:: 316* Setting up PK-INIT:: 317 318Applications 319 320* Authentication modules:: 321* AFS:: 322 323Authentication modules 324 325* Digital SIA:: 326* IRIX:: 327 328Kerberos 4 issues 329 330* Principal conversion issues:: 331* Converting a version 4 database:: 332* kaserver:: 333 334Windows 2000 compatability 335 336* Configuring Windows 2000 to use a Heimdal KDC:: 337* Inter-Realm keys (trust) between Windows 2000 and a Heimdal KDC:: 338* Create account mappings:: 339* Encryption types:: 340* Authorisation data:: 341* Quirks of Windows 2000 KDC:: 342* Useful links when reading about the Windows 2000:: 343 344Programming with Kerberos 345 346* Kerberos 5 API Overview:: 347* Walkthrough of a sample Kerberos 5 client:: 348* Validating a password in a server application:: 349* API differences to MIT Kerberos:: 350* File formats:: 351 352@end detailmenu 353@end menu 354 355@include intro.texi 356@include whatis.texi 357@include install.texi 358@include setup.texi 359@include apps.texi 360@include misc.texi 361@include kerberos4.texi 362@include win2k.texi 363@include programming.texi 364@include migration.texi 365@include ack.texi 366 367@c @shortcontents 368@contents 369 370@bye 371