summaryrefslogtreecommitdiffstats
path: root/src/man/sserver.man
diff options
context:
space:
mode:
Diffstat (limited to 'src/man/sserver.man')
-rw-r--r--src/man/sserver.man199
1 files changed, 199 insertions, 0 deletions
diff --git a/src/man/sserver.man b/src/man/sserver.man
new file mode 100644
index 0000000000..aa07d4f24f
--- /dev/null
+++ b/src/man/sserver.man
@@ -0,0 +1,199 @@
+.TH "SSERVER" "8" " " "0.0.1" "MIT Kerberos"
+.SH NAME
+sserver \- sample Kerberos version 5 server
+.
+.nr rst2man-indent-level 0
+.
+.de1 rstReportMargin
+\\$1 \\n[an-margin]
+level \\n[rst2man-indent-level]
+level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
+-
+\\n[rst2man-indent0]
+\\n[rst2man-indent1]
+\\n[rst2man-indent2]
+..
+.de1 INDENT
+.\" .rstReportMargin pre:
+. RS \\$1
+. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
+. nr rst2man-indent-level +1
+.\" .rstReportMargin post:
+..
+.de UNINDENT
+. RE
+.\" indent \\n[an-margin]
+.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.nr rst2man-indent-level -1
+.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
+.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
+..
+.\" Man page generated from reStructeredText.
+.
+.SH SYNOPSIS
+.sp
+\fBsserver\fP
+[ \fB\-p\fP \fIport\fP ]
+[ \fB\-S\fP \fIkeytab\fP ]
+[ \fIserver_port\fP ]
+.SH DESCRIPTION
+.sp
+sserver and \fIsclient(1)\fP are a simple demonstration client/server
+application. When sclient connects to sserver, it performs a Kerberos
+authentication, and then sserver returns to sclient the Kerberos
+principal which was used for the Kerberos authentication. It makes a
+good test that Kerberos has been successfully installed on a machine.
+.sp
+The service name used by sserver and sclient is sample. Hence,
+sserver will require that there be a keytab entry for the service
+\fBsample/hostname.domain.name@REALM.NAME\fP. This keytab is generated
+using the \fIkadmin(1)\fP program. The keytab file is usually
+installed as \fB/etc/krb5.keytab\fP.
+.sp
+The \fB\-S\fP option allows for a different keytab than the default.
+.sp
+sserver is normally invoked out of inetd(8), using a line in
+\fB/etc/inetd.conf\fP that looks like this:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+sample stream tcp nowait root /usr/local/sbin/sserver sserver
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+Since \fBsample\fP is normally not a port defined in \fB/etc/services\fP,
+you will usually have to add a line to \fB/etc/services\fP which looks
+like this:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+sample 13135/tcp
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+When using sclient, you will first have to have an entry in the
+Kerberos database, by using \fIkadmin(1)\fP, and then you have to get
+Kerberos tickets, by using \fIkinit(1)\fP. Also, if you are running
+the sclient program on a different host than the sserver it will be
+connecting to, be sure that both hosts have an entry in /etc/services
+for the sample tcp port, and that the same port number is in both
+files.
+.sp
+When you run sclient you should see something like this:
+.INDENT 0.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+sendauth succeeded, reply is:
+reply len 32, contents:
+You are nlgilman@JIMI.MIT.EDU
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.SH COMMON ERROR MESSAGES
+.INDENT 0.0
+.IP 1. 3
+.
+kinit returns the error:
+.INDENT 3.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+kinit: Client not found in Kerberos database while getting
+ initial credentials
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+This means that you didn\(aqt create an entry for your username in the
+Kerberos database.
+.IP 2. 3
+.
+sclient returns the error:
+.INDENT 3.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+unknown service sample/tcp; check /etc/services
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+This means that you don\(aqt have an entry in /etc/services for the
+sample tcp port.
+.IP 3. 3
+.
+sclient returns the error:
+.INDENT 3.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+connect: Connection refused
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+This probably means you didn\(aqt edit /etc/inetd.conf correctly, or
+you didn\(aqt restart inetd after editing inetd.conf.
+.IP 4. 3
+.
+sclient returns the error:
+.INDENT 3.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+sclient: Server not found in Kerberos database while using
+ sendauth
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+This means that the \fBsample/hostname@LOCAL.REALM\fP service was not
+defined in the Kerberos database; it should be created using
+\fIkadmin(1)\fP, and a keytab file needs to be generated to make
+the key for that service principal available for sclient.
+.IP 5. 3
+.
+sclient returns the error:
+.INDENT 3.0
+.INDENT 3.5
+.sp
+.nf
+.ft C
+sendauth rejected, error reply is:
+ "No such file or directory"
+.ft P
+.fi
+.UNINDENT
+.UNINDENT
+.sp
+This probably means sserver couldn\(aqt find the keytab file. It was
+probably not installed in the proper directory.
+.UNINDENT
+.SH SEE ALSO
+.sp
+\fIsclient(1)\fP, services(5), inetd(8)
+.SH AUTHOR
+MIT
+.SH COPYRIGHT
+2011, MIT
+.\" Generated by docutils manpage writer.
+.
generated by cgit (git 2.34.1) at 2024-09-24 22:26:02 +0000