You need a key for host/[hostname] in the krb5 keytab by default.
You can use the 'service_principal' configuration parameter to change the
principal required; for example you could specify 'radius' and then the
krb5 authenticator would look for radius/[hostname] in the krb5 keytab.
Aside from
On Tue, 11 Nov 2003, Ron Wahler wrote:
> You need to be able to point it to the KDC ( Key Distribution Center )
> an
> IP address or domain, and set up a shared key between them. So there has
> To be a way to configure it.
What I thought is that you just need a working kerberos environment in
you
4 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Kerberos krb5
>
> "Ron Wahler" <[EMAIL PROTECTED]> wrote:
> > Is there an example of how to set up the krb5 authentication module?
>
> I don't think it takes any configuration, so it shoul
"Ron Wahler" <[EMAIL PROTECTED]> wrote:
> Is there an example of how to set up the krb5 authentication module?
I don't think it takes any configuration, so it should just be an
empty:
modules {
...
krb5 {
}
Alan DeKok.
-
List info/subscribe/unsubscribe? See http://www.freeradius.org/
Is there an example of how to set up the krb5 authentication module?
In the auth section?
krb5{
}
> -Original Message-
> From: Alan DeKok [mailto:[EMAIL PROTECTED]
> Sent: Monday, November 10, 2003 4:54 PM
> To: [EMAIL PROTECTED]
> Subject: Re: Kerberos krb5
>
>
"Ron Wahler" <[EMAIL PROTECTED]> wrote:
> From looking into the code it looks like FreeRadius acts as the
> Kerberos Client. So is this a hook just to authenticate with a KDC ?
Yes.
> So it would not include all the other Client to Application server
> Kerberos
> Interaction. So the real clie
From looking into the code it looks like FreeRadius acts as
the
Kerberos Client. So is this a hook just to
authenticate with a KDC ?
So it would not include all the other Client to Application
server Kerberos
Interaction. So the real client is not Kerberos aware…
?
I can’
I can’t seem to find a good explanation of how FreeRadius
Integrates in with krb5 Kerberos.
Client -> AP -> FreeRadius -> KDC
?
Where FreeRadius converts the client request into a Kerberos
client request ,
Getting a ticket from the KDC and then returning the ticket
to