Skip site navigation (1)Skip section navigation (2)

FreeBSD Manual Pages

  
 
  

home | help
SSERVER(8)			 MIT Kerberos			    SSERVER(8)

NAME
       sserver - sample	Kerberos version 5 server

SYNOPSIS
       sserver [ -p port ] [ -S	keytab ] [ server_port ]

DESCRIPTION
       sserver	and sclient(1) are a simple demonstration client/server	appli-
       cation.	When sclient connects to sserver, it performs a	 Kerberos  au-
       thentication,  and then sserver returns to sclient the Kerberos princi-
       pal which was used for the Kerberos authentication.  It	makes  a  good
       test that Kerberos has been successfully	installed on a machine.

       The service name	used by	sserver	and sclient is sample.	Hence, sserver
       will require that there be a keytab entry for the service  sample/host-
       name.domain.name@REALM.NAME.   This  keytab is generated	using the kad-
       min(1)  program.	   The	 keytab	  file	 is   usually	installed   as
       FILE:/etc/krb5.keytab.

       The -S option allows for	a different keytab than	the default.

       sserver	is  normally invoked out of inetd(8), using a line in /etc/in-
       etd.conf	that looks like	this:

	  sample stream	tcp nowait root	/usr/local/sbin/sserver	sserver

       Since sample is normally	not a port defined in /etc/services, you  will
       usually have to add a line to /etc/services which looks like this:

	  sample	  13135/tcp

       When  using  sclient,  you will first have to have an entry in the Ker-
       beros database, by using	kadmin(1), and then you	have to	 get  Kerberos
       tickets,	 by using kinit(1).  Also, if you are running the sclient pro-
       gram on a different host	than the sserver it will be connecting to,  be
       sure  that both hosts have an entry in /etc/services for	the sample tcp
       port, and that the same port number is in both files.

       When you	run sclient you	should see something like this:

	  sendauth succeeded, reply is:
	  reply	len 32,	contents:
	  You are nlgilman@JIMI.MIT.EDU

COMMON ERROR MESSAGES
       1. kinit	returns	the error:

	     kinit: Client not found in	Kerberos database while	getting
		    initial credentials

	  This means that you didn't create an entry for your username in  the
	  Kerberos database.

       2. sclient returns the error:

	     unknown service sample/tcp; check /etc/services

	  This	means  that  you  don't	have an	entry in /etc/services for the
	  sample tcp port.

       3. sclient returns the error:

	     connect: Connection refused

	  This probably	means you didn't edit  /etc/inetd.conf	correctly,  or
	  you didn't restart inetd after editing inetd.conf.

       4. sclient returns the error:

	     sclient: Server not found in Kerberos database while using
		      sendauth

	  This	means that the sample/hostname@LOCAL.REALM service was not de-
	  fined	in the Kerberos	database; it  should  be  created  using  kad-
	  min(1),  and a keytab	file needs to be generated to make the key for
	  that service principal available for sclient.

       5. sclient returns the error:

	     sendauth rejected,	error reply is:
		 "No such file or directory"

	  This probably	means sserver couldn't find the	keytab file.   It  was
	  probably not installed in the	proper directory.

ENVIRONMENT
       See kerberos(7) for a description of Kerberos environment variables.

SEE ALSO
       sclient(1), kerberos(7),	services(5), inetd(8)

AUTHOR
       MIT

COPYRIGHT
       1985-2020, MIT

1.19								    SSERVER(8)

NAME | SYNOPSIS | DESCRIPTION | COMMON ERROR MESSAGES | ENVIRONMENT | SEE ALSO | AUTHOR | COPYRIGHT

Want to link to this manual page? Use this URL:
<https://www.freebsd.org/cgi/man.cgi?query=sserver&sektion=8&manpath=FreeBSD+12.2-RELEASE+and+Ports>

home | help