config root man

Current Path : /usr/src/crypto/heimdal/packages/debian/extras/

FreeBSD hs32.drive.ne.jp 9.1-RELEASE FreeBSD 9.1-RELEASE #1: Wed Jan 14 12:18:08 JST 2015 root@hs32.drive.ne.jp:/sys/amd64/compile/hs32 amd64
Upload File :
Current File : //usr/src/crypto/heimdal/packages/debian/extras/kdc.conf

[kdc]
# See allowed values in krb5_openlog(3) man page.
logging = FILE:/var/log/heimdal-kdc.log

# detach = boolean

# Gives an upper limit on the size of the requests that the kdc is
# willing to handle.
# max-request =  integer

# Turn off the requirement for pre-autentication in the initial AS-
# REQ for all principals.  The use of pre-authentication makes it
# more difficult to do offline password attacks.  You might want to
# turn it off if you have clients that don't support pre-authenti-
# cation.  Since the version 4 protocol doesn't support any pre-
# authentication, serving version 4 clients is just about the same
# as not requiring pre-athentication.  The default is to require
# pre-authentication.  Adding the require-preauth per principal is
# a more flexible way of handling this.
# require-preauth = boolean

# Specifies the set of ports the KDC should listen on.  It is given
# as a white-space separated list of services or port numbers.
# ports = 88,750

# The list of addresses to listen for requests on.  By default, the
# kdc will listen on all the locally configured addresses.  If only
# a subset is desired, or the automatic detection fails, this
# option might be used.
# addresses = list of ip addresses

# respond to Kerberos 4 requests
# enable-kerberos4 = false

# respond to Kerberos 4 requests from foreign realms.  This is a
# known security hole and should not be enabled unless you under-
# stand the consequences and are willing to live with them.
# enable-kerberos4-cross-realm = false

# respond to 524 requests
# enable-524 = value of enable-kerberos4

# Makes the kdc listen on port 80 and handle requests encapsulated
# in HTTP.
# enable-http = boolean

# What realm this server should act as when dealing with version 4
# requests.  The database can contain any number of realms, but
# since the version 4 protocol doesn't contain a realm for the
# server, it must be explicitly specified.  The default is whatever
# is returned by krb_get_lrealm().  This option is only availabe if
# the KDC has been compiled with version 4 support.
# v4-realm = string

# Enable kaserver emulation (in case it's compiled in).
# enable-kaserver = false

# Check the addresses in the ticket when processing TGS requests.
# check-ticket-addresses = true

# Permit tickets with no addresses.  This option is only
# relevent when check-ticket-addresses is TRUE.
# allow-null-ticket-addresses = true

# Permit anonymous tickets with no addresses.
# allow-anonymous = boolean

# Always verify the transited policy, ignoring the
# disable-transited-check flag if set in the KDC client request.
# transited-policy = {always-check,allow-per-principal,always-honour-request}

# Encode AS-Rep as TGS-Rep to be bug-compatible with old DCE
# code. The Heimdal clients allow both.
# encode_as_rep_as_tgs_rep = boolean

# How long before password/principal expiration the KDC should
# start sending out warning messages.
# kdc_warn_pwexpire = time

# Specifies the set of ports the KDC should listen on.  It is given
# as a white-space separated list of services or port numbers.
# kdc_ports = 88,750

# [password_quality]
# check_library = LIBRARY
# check_function = FUNCTION
# min_length = value

# [kadmin]
# default_keys = list of strings
# use_v4_salt = boolean

Man Man