1# @(#)README 8.1 (Berkeley) 06/09/93 2 3Notes about the contents of the /etc/kerberosIV directory: 4 5The file master_key contains a copy of the master key under which the 6entire Kerberos database is encrypted. Disclosing this key would be bad 7news. The reason it is stored in the filesystem is because the following 8programs need to inspect or modify the kereros database, and so the key 9must be available for them, (or else it would have to be typed in by 10hand): 11 - kerberos (the server itself) 12 - registerd (for new user registration) 13 - kpasswdd (for changing passwords) 14 15The srvtab file contains the encryption keys for each service on the local 16host. Any host offering network services would have a key here, although 17many such files can be used. 18 19The principal.* files comprise the Kerberos database itself, and contain 20keys for all principles, and should not be world-readable. 21 22The kerberos.conf file contains the configuration for this machine: 23 - which realm I'm in 24 - which servers I should talk to for this realm 25 26The kerberos.realms file contains the name of Kerberos servers for 27various (sub)domains. 28 29Kerberos log information it placed in /var/log/kerberos.log 30(see rc.local to change it) 31 32The register_keys directory contains a set of files (all of which begin 33with "."), each of which contains a des key used for registering new users 34with the system. It is used only by the "registerd" program, and only on 35a Kerberos server host. 36