當前位置：首頁 > 编程资源 > 编程问答 >内容正文

编程问答

kerberos 主从安装

發布時間：2023/11/29 编程问答 25 豆豆

生活随笔收集整理的這篇文章主要介紹了 kerberos 主从安装小編覺得挺不錯的,現在分享給大家,幫大家做個參考.

hadoop 安全應用kerberos ，搭建KDC使其高可用

操作系統 ubuntu 12.04?

Kerberos?Server ##################### 規范介紹 #######################################Realm:?BJPUC1.COM -->?建議大寫Primary?KDC:?nn1.bjpuc1.com -->?建議用域名?192.168.88.16Secondary?KDC:?nn2.bjpuc1.com -->?192.168.88.17User?principal:?bjpuc1Admin?principal:?bjpuc1/adminNTP?時間服務器 -->?時間需要同步 ##################### 規范介紹 #######################################

Primary KDC

????apt-get?install?krb5-kdc?krb5-admin-serverkrb5_newrealm????dpkg-reconfigure?krb5-kdc????cat?/etc/krb5.conf????###此文件為所有應用kerbers?機器通用[logging]default?=?FILE:/var/log/krb5libs.logkdc?=?FILE:/var/log/krb5kdc.logadmin_server?=?FILE:/var/log/kadmind.log[libdefaults]default_realm?=?BJPUC1.COMdns_lookup_realm?=?falsedns_lookup_kdc?=?falseticket_lifetime?=?24hrenew_lifetime?=?2dforwardable?=?truerenewable?=?true[realms]BJPUC1.COM?=?{kdc?=?nn1.bjpuc1.comkdc?=?nn2.bjpuc1.comadmin_server?=?nn1.bjpuc1.com}[domain_realm][kdc]profile=/etc/krb5kdc/kdc.conf????kadmin.localAuthenticating?as?principal?root/admin@BJPUC1.COM?with?password.kadmin.local:?addprinc?bjpuc1/adminWARNING:?no?policy?specified?for?bjpuc1/admin@BJPUC1.COM;?defaulting?to?no?policyEnter?password?for?principal?"bjpuc1/admin@BJPUC1.COM":?Re-enter?password?for?principal?"bjpuc1/admin@BJPUC1.COM":?Principal?"bjpuc1/admin@BJPUC1.COM"?created.kadmin.local:?quit????cat?/etc/krb5kdc/kadm5.aclbjpuc1/admin@BJPUC1.COM????????*/etc/init.d/krb5-admin-server?restartkinit?bjpuc1/adminbjpuc1/admin@BJPUC1.COM's?Password:????cat?/etc/hosts????????##或用DNS方式解決host/nn1.bjpuc1.com@bjpuc1.comhost/nn2.bjpuc1.com@bjpuc1.com????kadmin?-q?"addprinc?-randkey?host/nn1.bjpuc1.com"kadmin?-q?"ktadd?-norandkey?-k?/etc/krb5.keytab?host/nn1.bjpuc1.com"klist?-k?/etc/krb5.keytabklist?-k?/etc/krb5.keytabkprop?-r?bjpuc1.com?-f?/var/lib/krb5kdc/dump?nn2.bjpuc1.comvi?/etc/crontab0?*?*?*?*?/usr/sbin/kdb5_util?dump?/var/lib/krb5kdc/dump?&&?/usr/sbin/kprop?-r?BJPUC1.COM?-f?/var/lib/krb5kdc/dump?nn2.bjpuc1.com

Secondary KDC

????apt-get?install?krb5-kdc?krb5-admin-serverkadmin?-q?"addprinc?-randkey?host/nn2.bjpuc1.com"kadmin?-q?"ktadd?-norandkey?-k?/etc/krb5.keytab?host/nn2.bjpuc1.com"vi?/etc/krb5kdc/kpropd.aclhost/nn1.bjpuc1.com@bjpuc1.comhost/nn2.bjpuc1.com@bjpuc1.comkdb5_util?-s?createkpropd?-Skdb5_util?stash/etc/init.d/krb5-kdc?start

Kerberos Linux Client

????apt-get?install?krb5-user?libpam-krb5?libpam-ccreds?auth-client-config

轉載于:https://blog.51cto.com/374400/1428504

創作挑戰賽新人創作獎勵來咯，堅持創作打卡瓜分現金大獎

總結

以上是生活随笔為你收集整理的kerberos 主从安装的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。