diff options
Diffstat (limited to 'doc/admin/conf_files/kdc_conf.rst')
| -rw-r--r-- | doc/admin/conf_files/kdc_conf.rst | 28 |
1 files changed, 7 insertions, 21 deletions
diff --git a/doc/admin/conf_files/kdc_conf.rst b/doc/admin/conf_files/kdc_conf.rst index edd25b2cb..987826642 100644 --- a/doc/admin/conf_files/kdc_conf.rst +++ b/doc/admin/conf_files/kdc_conf.rst @@ -491,9 +491,7 @@ In the following example, the logging messages from the KDC will go to the console and to the system log under the facility LOG_DAEMON with default severity of LOG_INFO; and the logging messages from the administrative server will be appended to the file -``/var/adm/kadmin.log`` and sent to the device ``/dev/tty04``. - - :: +``/var/adm/kadmin.log`` and sent to the device ``/dev/tty04``. :: [logging] kdc = CONSOLE @@ -543,9 +541,7 @@ For each token type, the following tags may be specified: passed to the RADIUS server. Otherwise, the realm will be included. The default value is ``true``. -In the following example, requests are sent to a remote server via UDP. - - :: +In the following example, requests are sent to a remote server via UDP:: [otp] MyRemoteTokenType = { @@ -559,9 +555,7 @@ In the following example, requests are sent to a remote server via UDP. An implicit default token type named ``DEFAULT`` is defined for when the per-principal configuration does not specify a token type. Its configuration is shown below. You may override this token type to -something applicable for your situation. - - :: +something applicable for your situation:: [otp] DEFAULT = { @@ -579,18 +573,14 @@ PKINIT options realm-specific value over-rides, does not add to, a generic [kdcdefaults] specification. The search order is: -1. realm-specific subsection of [realms], - - :: +1. realm-specific subsection of [realms]:: [realms] EXAMPLE.COM = { pkinit_anchors = FILE:/usr/local/example.com.crt } -2. generic value in the [kdcdefaults] section. - - :: +2. generic value in the [kdcdefaults] section:: [kdcdefaults] pkinit_anchors = DIR:/usr/local/generic_trusted_cas/ @@ -733,9 +723,7 @@ commands and configuration parameters that affect generation of keys take lists of enctype-salttype ("keysalt") pairs, known as *keysalt lists*. Each keysalt pair is an enctype name followed by a salttype name, in the format *enc*:*salt*. Individual keysalt list members are -separated by comma (",") characters or space characters. For example: - - :: +separated by comma (",") characters or space characters. For example:: kadmin -e aes256-cts:normal,aes128-cts:normal @@ -761,9 +749,7 @@ special generate a random salt Sample kdc.conf File -------------------- -Here's an example of a kdc.conf file: - - :: +Here's an example of a kdc.conf file:: [kdcdefaults] kdc_ports = 88 |