For a test setup, we need to create a custom service running on a
server and a custom application running on the client. The
sample gss client/server from the Kerberos sources is used for
demonstration.
Setting this up with plain Kerberos is easy:
1. Create the service principal with
$ addprinc -randkey sample/server.domain
2. Add key to keytab
$ ktadd ...
3. Copy keytab to server
4. Run the service
$ gss_server -port 12345 sample
Now, how would one do this with freeipa, using the command line
interface?
1. Create service
$ ipa service-add sample/server.domain
2a. Create the service key? How?
2b. Generate the keytab for the key? How?
3. Copy the keytab to the server? Manually or is there a freeipa
way to do that?
Is this approach correct? Any pointer to the relevant
documentation would also be helpful.
(I'm completely new to freeipa.)
Ciao
Dominik ^_^ ^_^
--
Dominik Vogt