From: Paul Park Date: Fri, 23 Jun 1995 14:37:45 +0000 (+0000) Subject: Add description of new KDC configuration file X-Git-Tag: krb5-1.0-beta6~1673 X-Git-Url: http://git.tremily.us/?a=commitdiff_plain;h=b6960f416b5e15ea8c8333cf8ad702b3d5736884;p=krb5.git Add description of new KDC configuration file git-svn-id: svn://anonsvn.mit.edu/krb5/trunk@6141 dc483132-0cff-0310-8789-dd5450dbe970 --- diff --git a/src/config-files/ChangeLog b/src/config-files/ChangeLog index b21ea3933..fe4209842 100644 --- a/src/config-files/ChangeLog +++ b/src/config-files/ChangeLog @@ -1,4 +1,8 @@ +Fri Jun 23 10:36:48 EDT 1995 Paul Park (pjpark@mit.edu) + * kdc.conf[.M] - Add description of new KDC configuration file. + + Thu Jun 8 15:00:39 EDT 1995 Paul Park (pjpark@mit.edu) * krb5.conf.M - Add description of logging profile entries. diff --git a/src/config-files/kdc.conf b/src/config-files/kdc.conf new file mode 100644 index 000000000..39d1d033d --- /dev/null +++ b/src/config-files/kdc.conf @@ -0,0 +1,7 @@ + +[ATHENA.MIT.EDU] + database_name = /usr/local/lib/krb5kdc/principal + key_stash_file = /usr/local/lib/krb5kdc/stash + port = 88 + max_life = 8h 0m 0s + max_renewable_life = 7d 0h 0m 0s diff --git a/src/config-files/kdc.conf.M b/src/config-files/kdc.conf.M new file mode 100644 index 000000000..ccc9bf706 --- /dev/null +++ b/src/config-files/kdc.conf.M @@ -0,0 +1,106 @@ +.\" Copyright 1995 by the Massachusetts Institute of Technology. +.\" +.\" Export of this software from the United States of America may +.\" require a specific license from the United States Government. +.\" It is the responsibility of any person or organization contemplating +.\" export to obtain such a license before exporting. +.\" +.\" WITHIN THAT CONSTRAINT, permission to use, copy, modify, and +.\" distribute this software and its documentation for any purpose and +.\" without fee is hereby granted, provided that the above copyright +.\" notice appear in all copies and that both that copyright notice and +.\" this permission notice appear in supporting documentation, and that +.\" the name of M.I.T. not be used in advertising or publicity pertaining +.\" to distribution of the software without specific, written prior +.\" permission. M.I.T. makes no representations about the suitability of +.\" this software for any purpose. It is provided "as is" without express +.\" or implied warranty. +.\" +.TH KDC.CONF 5 "Kerberos Version 5.0" "MIT Project Athena" +.SH NAME +kdc.conf \- Kerberos V5 KDC configuration file +.SH DESCRIPTION +.I kdc.conf +specifies per-realm configuration data to be used by the Kerberos V5 +Authentication Service and Key Distribution Center (AS/KDC). This +includes database, key and per-realm defaults. +.PP +The +.I kdc.conf +file uses the same format as the +.I krb5.conf +file. For a basic description of the syntax, please refer to the +.I krb5.conf +description. +.PP +Each section in +.I kdc.conf +describes a particular realm and the individual tags describe that +parameter value for that realm. The following tags are currently +used: +.IP database_name +This +.B string +specifies the location of the Kerberos database for this realm. + +.IP master_key_name +This +.B string +specifies the name of the master key. + +.IP master_key_type +This +.B integer +represents the master key's key type (see krb5.h for key type values). + +.IP encryption_type +This +.B integer +represents the encryption type used for this realm (see krb5.h for +encryption type values). + +.IP key_stash_file +This +.B string +specifies the location where the master key has been stored with +.I kdb5_stash. + +.IP port +This +.B integer +specifies the primary port that the KDC is to listen to for this +realm. + +.IP max_life +This +.B string +specifes the maximum time period that a ticket may be valid for in +this realm. The format of this string may be one of the following: +.in +1i +.I -:: + +.I d h m s + +.I :: + +.I h m s + +.I : + +.I h m + +.I + +.in -1i +.IP max_renewable_life +This +.B string +specifies the maximum time period that a ticket may be renewed for in +this realm. The format is the same as for +.I max_life. + +.SH FILES +/usr/local/lib/krb5kdc/kdc.conf + +.SH SEE ALSO +krb5.conf(5), krb5kdc(8)