1 # $FreeBSD: src/etc/kerberosIV/README,v 1.3.2.1 2000/10/06 17:36:57 alex Exp $
2 # @(#)README 5.1 (Berkeley) 6/30/90
4 Notes about the contents of the /etc/kerberosIV directory:
6 The file master_key contains a copy of the master key under which the
7 entire Kerberos database is encrypted. Disclosing this key would be bad
8 news. The reason it is stored in the filesystem is because the following
9 programs need to inspect or modify the kerberos database, and so the key
10 must be available for them, (or else it would have to be typed in by
12 - kerberos (the server itself)
13 - registerd (for new user registration)
14 - kpasswdd (for changing passwords)
16 The srvtab file contains the encryption keys for each service on the local
17 host. Any host offering network services would have a key here, although
18 many such files can be used.
20 The principal.* files comprise the Kerberos database itself, and contain
21 keys for all principles, and should not be world-readable.
23 The kerberos.conf file contains the configuration for this machine:
25 - which servers I should talk to for this realm
27 The kerberos.realms file contains the name of Kerberos servers for
30 Kerberos log information it placed in /var/log/kerberos.log
31 (see rc.local to change it)
33 The register_keys directory contains a set of files (all of which begin
34 with "."), each of which contains a des key used for registering new users
35 with the system. It is used only by the "registerd" program, and only on
36 a Kerberos server host.