.\" .\" This source code is no longer held under any constraint of USA .\" `cryptographic laws' since it was exported legally. The cryptographic .\" functions were removed from the code and a "Bones" distribution was .\" made. A Commodity Jurisdiction Request #012-94 was filed with the .\" USA State Department, who handed it to the Commerce department. The .\" code was determined to fall under General License GTDA under ECCN 5D96G, .\" and hence exportable. The cryptographic interfaces were re-added by Eric .\" Young, and then KTH proceeded to maintain the code in the free world. .\" .\"Copyright (C) 1989 by the Massachusetts Institute of Technology .\" .\"Export of this software from the United States of America is assumed .\"to require a specific license from the United States Government. .\"It is the responsibility of any person or organization contemplating .\"export to obtain such a license before exporting. .\" .\"WITHIN THAT CONSTRAINT, permission to use, copy, modify, and .\"distribute this software and its documentation for any purpose and .\"without fee is hereby granted, provided that the above copyright .\"notice appear in all copies and that both that copyright notice and .\"this permission notice appear in supporting documentation, and that .\"the name of M.I.T. not be used in advertising or publicity pertaining .\"to distribution of the software without specific, written prior .\"permission. M.I.T. makes no representations about the suitability of .\"this software for any purpose. It is provided "as is" without express .\"or implied warranty. .\" .\" $OpenBSD: krb.conf.5,v 1.6 1999/02/27 08:49:49 deraadt Exp $ .TH KRB.CONF 5 "Kerberos Version 4.0" "MIT Project Athena" .SH NAME krb.conf \- Kerberos configuration file .SH DESCRIPTION .I krb.conf contains configuration information describing the Kerberos realm and the Kerberos key distribution center (KDC) servers for known realms. .PP .I krb.conf contains the name of the local realm in the first line, followed by lines indicating realm/host entries. The first token is a realm name, and the second is the hostname of a host running a KDC for that realm. The words "admin server" following the hostname indicate that the host also provides an administrative database server. A hash sign (#) as a first character of the krb.conf file disables kerberos authentication on the system. For example: .nf .in +1i ATHENA.MIT.EDU ATHENA.MIT.EDU kerberos-1.mit.edu admin server ATHENA.MIT.EDU kerberos-2.mit.edu LCS.MIT.EDU kerberos.lcs.mit.edu admin server .in -1i .SH SEE ALSO krb.realms(5), krb_get_krbhst(3), krb_get_lrealm(3)