我已按照以下步骤为centos设置Kerberos服务器。
我能够使用kinit命令生成TGT。但是,当我尝试SSH到服务器时,提示输入密码。
/etc/krb5.conf
includedir /etc/krb5.conf.d/
[logging]
default = FILE:/var/log/krb5libs.log
kdc = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
[libdefaults]
dns_lookup_realm = false
ticket_lifetime = 24h
renew_lifetime = 7d
forwardable = true
rdns = false
default_realm = TEST.COM
default_ccache_name = KEYRING:persistent:%{uid}
[realms]
TEST.COM = {
kdc = vm.test.com
admin_server = vm.test.com
}
[domain_realm]
.test.com = TEST.COM
test.com = TEST.COM
答案 0 :(得分:0)
解决了。 我在krb5.conf中输入了主机名,而不是服务器的fqdn。 :D