kerberos - 001
Realm: EXAMPLE.COM
Primary KDC: kdc.example.com (10.0.0.4)
User principal: ubuntu
Admin principal: ubuntu/admin
kdc server:
hostnamectl set-hostname kdc.example.com
cient:
hostnamectl set-hostname k2.example.com
cat /etc/hosts
10.0.0.4 kdc.example.com
10.0.0.5 k2.example.com
sudo apt update
sudo apt install krb5-kdc krb5-admin-server -y
sudo krb5_newrealm
/etc/krb5.conf
/etc/krb5kdc/kdc.conf
sudo kadmin.local
root@k1:~# sudo kadmin.local
Authenticating as principal root/admin@EXAMPLE.COM with password.
kadmin.local: addprinc ubuntu/admin
WARNING: no policy specified for ubuntu/admin@EXAMPLE.COM; defaulting to no policy
Enter password for principal "ubuntu/admin@EXAMPLE.COM":
Re-enter password for principal "ubuntu/admin@EXAMPLE.COM":
Principal "ubuntu/admin@EXAMPLE.COM" created.
kadmin.local:
kadmin.local:
kadmin.local: quit
root@k1:~#
root@k1:~# sudo kadmin.local
Authenticating as principal root/admin@EXAMPLE.COM with password.
kadmin.local:
kadmin.local:
kadmin.local: addprinc -randkey host/k1.example.com
WARNING: no policy specified for host/k1.example.com@EXAMPLE.COM; defaulting to no policy
Principal "host/k1.example.com@EXAMPLE.COM" created.
kadmin.local: ktadd host/k1.example.com
Entry for principal host/k1.example.com with kvno 2, encryption type aes256-cts-hmac-sha1-96 added to keytab FILE:/etc/krb5.keytab.
Entry for principal host/k1.example.com with kvno 2, encryption type aes128-cts-hmac-sha1-96 added to keytab FILE:/etc/krb5.keytab.
kadmin.local: quit
root@k1:~#
root@k1:~#
root@k1:~#
sudo systemctl restart krb5-admin-server.service
useradd -m -s /bin/bash xman