I am in the wake of setting up ad MIT Kerberos5 kdc on a Raspberry Pi 2.
As being a noob in such matters, I spent quite a fair number of hours on The Net, reading various documents, blogs, posts, forum entries, which helped really a lot.
Presently I am trying to get kadmind up and running, which unfortunately I am struggling with. In the corresponding log file it is reading something like
May 19 18:12:00 MyKdc-01 kadmind[3412](info): No dictionary file specified, continuing without one.
May 19 18:12:00 MyKdc-01 kadmind[3412](info): setting up network...
May 19 18:12:00 MyKdc-01 kadmind[3412](info): setsockopt(9,IPV6_V6ONLY,1) worked
May 19 18:12:00 MyKdc-01 kadmind[3412](info): setsockopt(11,IPV6_V6ONLY,1) worked
May 19 18:12:00 MyKdc-01 kadmind[3412](Error): Address already in use - Cannot bind server socket on 0.0.0.0.749
May 19 18:12:00 MyKdc-01 kadmind[3412](Error): Failed setting up a RPC socket (for 0.0.0.0.749)
May 19 18:12:00 MyKdc-01 kadmind[3412](Error): Address already in use - Error setting up network
My /etc/krb5.conf
[libdefaults]
default_realm = MYDOM.LOCAL
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
fcc-mit-ticketflags = true
[realms]
MYDOM.LOCAL = {
kdc = mykdc-01.mydom.local:88
admin_server = mykdc-01.mydom.local:749
default_domain = mydom.local
}
[domain_realm]
.local = MYDOM.LOCAL
and my /etc/krb5kdc/kdc.conf
[kdcdefaults]
kdc_listen = 88
kdc_tcp_listen = 88
[realms]
MYDOM.LOCAL = {
kadmind_port = 749
max_life = 10h 0m 0s
max_renewable_life = 7d 0h 0m 0s
master_key_type = des3-hmac-sha1
default_principal_flags = +preauth
database_name = /var/lib/krb5kdc/principal
admin_keytab = FILE:/etc/krb5kdc/kadm5.keytab
acl_file = /etc/krb5kdc/kadm5.acl
key_stash_file = /etc/krb5kdc/stash
}
[logging]
kdc = FILE:/var/log/krb5/krb5kdc.log
admin_server = FILE:/var/log/krb5/kadmin.log
default = FILE:/var/log/krb5/krb5lib.log
Any hint as how to tackle this one would be more than appreciated. :)
C.