head	1.2;
access;
symbols
	perseant-exfatfs-base-20250801:1.2
	perseant-exfatfs-base-20240630:1.2
	perseant-exfatfs:1.2.0.46
	perseant-exfatfs-base:1.2
	cjep_sun2x:1.2.0.44
	cjep_sun2x-base:1.2
	cjep_staticlib_x-base1:1.2
	cjep_staticlib_x:1.2.0.42
	cjep_staticlib_x-base:1.2
	phil-wifi-20200421:1.2
	phil-wifi-20200411:1.2
	phil-wifi-20200406:1.2
	pgoyette-compat-merge-20190127:1.2
	pgoyette-compat-20190127:1.2
	pgoyette-compat-20190118:1.2
	pgoyette-compat-1226:1.2
	pgoyette-compat-1126:1.2
	pgoyette-compat-1020:1.2
	pgoyette-compat-0930:1.2
	pgoyette-compat-0906:1.2
	pgoyette-compat-0728:1.2
	pgoyette-compat-0625:1.2
	pgoyette-compat-0521:1.2
	pgoyette-compat-0502:1.2
	pgoyette-compat-0422:1.2
	pgoyette-compat-0415:1.2
	pgoyette-compat-0407:1.2
	pgoyette-compat-0330:1.2
	pgoyette-compat-0322:1.2
	pgoyette-compat-0315:1.2
	pgoyette-compat:1.2.0.40
	pgoyette-compat-base:1.2
	perseant-stdc-iso10646:1.2.0.38
	perseant-stdc-iso10646-base:1.2
	prg-localcount2-base3:1.2
	prg-localcount2-base2:1.2
	prg-localcount2-base1:1.2
	prg-localcount2:1.2.0.36
	prg-localcount2-base:1.2
	pgoyette-localcount-20170426:1.2
	bouyer-socketcan-base1:1.2
	pgoyette-localcount-20170320:1.2
	bouyer-socketcan:1.2.0.34
	bouyer-socketcan-base:1.2
	pgoyette-localcount-20170107:1.2
	pgoyette-localcount-20161104:1.2
	localcount-20160914:1.2
	pgoyette-localcount-20160806:1.2
	pgoyette-localcount-20160726:1.2
	pgoyette-localcount:1.2.0.32
	pgoyette-localcount-base:1.2
	netbsd-5-2-3-RELEASE:1.2
	netbsd-5-1-5-RELEASE:1.2
	yamt-pagecache-base9:1.2
	yamt-pagecache-tag8:1.2
	tls-earlyentropy:1.2.0.28
	tls-earlyentropy-base:1.2
	riastradh-xf86-video-intel-2-7-1-pre-2-21-15:1.2
	riastradh-drm2-base3:1.2
	netbsd-5-2-2-RELEASE:1.2
	netbsd-5-1-4-RELEASE:1.2
	netbsd-5-2-1-RELEASE:1.2
	netbsd-5-1-3-RELEASE:1.2
	agc-symver:1.2.0.30
	agc-symver-base:1.2
	tls-maxphys-base:1.2
	yamt-pagecache-base8:1.2
	netbsd-5-2:1.2.0.26
	yamt-pagecache-base7:1.2
	netbsd-5-2-RELEASE:1.2
	netbsd-5-2-RC1:1.2
	yamt-pagecache-base6:1.2
	yamt-pagecache-base5:1.2
	yamt-pagecache-base4:1.2
	netbsd-5-1-2-RELEASE:1.2
	netbsd-5-1-1-RELEASE:1.2
	yamt-pagecache-base3:1.2
	yamt-pagecache-base2:1.2
	yamt-pagecache:1.2.0.24
	yamt-pagecache-base:1.2
	bouyer-quota2-nbase:1.2
	bouyer-quota2:1.2.0.22
	bouyer-quota2-base:1.2
	matt-nb5-pq3:1.2.0.20
	matt-nb5-pq3-base:1.2
	netbsd-5-1:1.2.0.18
	netbsd-5-1-RELEASE:1.2
	netbsd-5-1-RC4:1.2
	netbsd-5-1-RC3:1.2
	netbsd-5-1-RC2:1.2
	netbsd-5-1-RC1:1.2
	netbsd-5-0-2-RELEASE:1.2
	netbsd-5-0-1-RELEASE:1.2
	jym-xensuspend-nbase:1.2
	netbsd-5-0:1.2.0.16
	netbsd-5-0-RELEASE:1.2
	netbsd-5-0-RC4:1.2
	netbsd-5-0-RC3:1.2
	netbsd-5-0-RC2:1.2
	jym-xensuspend:1.2.0.14
	jym-xensuspend-base:1.2
	netbsd-5-0-RC1:1.2
	netbsd-5:1.2.0.12
	netbsd-5-base:1.2
	mjf-devfs2:1.2.0.10
	mjf-devfs2-base:1.2
	yamt-pf42-base4:1.2
	yamt-pf42-base3:1.2
	hpcarm-cleanup-nbase:1.2
	yamt-pf42-base2:1.2
	yamt-pf42:1.2.0.8
	yamt-pf42-base:1.2
	keiichi-mipv6:1.2.0.6
	keiichi-mipv6-base:1.2
	cube-autoconf:1.2.0.4
	cube-autoconf-base:1.2
	hpcarm-cleanup:1.2.0.2
	hpcarm-cleanup-base:1.2
	krb4-1-1:1.1.1.1
	KTH-KRB:1.1.1;
locks; strict;
comment	@# @;


1.2
date	2001.09.24.12.37.59;	author wiz;	state dead;
branches;
next	1.1;

1.1
date	2001.09.17.12.10.06;	author assar;	state Exp;
branches
	1.1.1.1;
next	;

1.1.1.1
date	2001.09.17.12.10.06;	author assar;	state Exp;
branches;
next	;


desc
@@


1.2
log
@Remove formatted man pages. Ok'd by joda.
@
text
@
KERBEROS(8)              UNIX System Manager's Manual              KERBEROS(8)

NNAAMMEE
     kkeerrbbeerrooss - the kerberos daemon

SSYYNNPPOOSSIISS
     kkeerrbbeerrooss [--mmnnss] [--aa _m_a_x _a_g_e] [--ii _a_d_d_r_e_s_s] [--ll _l_o_g] [--pp _p_a_u_s_e] [--PP
     _p_o_r_t_s_p_e_c] [--rr _r_e_a_l_m] [_d_a_t_a_b_a_s_e]

DDEESSCCRRIIPPTTIIOONN
     This is the kkeerrbbeerrooss daemon.

     Options:

     --aa      Set the _m_a_x _a_g_e before the database is considered stale.

     --ii      Only listen on _a_d_d_r_e_s_s. Normally, the kerberos server listens on
             all addresses of all interfaces.

     --ll      Write the log to _l_o_g

     --mm      Run manually and prompt for master key.

     --nn      Do not check max age.

     --pp      Pause for _p_a_u_s_e before dying.

     --PP      Listen to the ports specified by _p_o_r_t_s_p_e_c. This should be a
             white-space separated list of port specificatios. A port specifi-
             cation follows the format: _p_o_r_t[/_p_r_o_t_o_c_o_l]. The _p_o_r_t can be ei-
             ther a symbolic port name (from _/_e_t_c_/_s_e_r_v_i_c_e_s), or a number;
             _p_r_o_t_o_c_o_l _c_a_n _b_e _e_i_t_h_e_r udp, or tcp. If left out, the KDC will
             listen to both UDP and TCP sockets on the specified port.
             The special string + mean that the default set of ports (TCP and
             UDP on ports 88 and 750) should be included.

     --rr      Run as a server for realm _r_e_a_l_m

     --ss      Set slave parameters.  This will enable check to see if data is
             getting too stale relative to the master.

     If no _d_a_t_a_b_a_s_e is given a default datbase will be used, normally
     _/_v_a_r_/_k_e_r_b_e_r_o_s_/_p_r_i_n_c_i_p_a_l.

DDIIAAGGNNOOSSTTIICCSS
     The server logs several messages in a log file (_/_v_a_r_/_r_u_n_/_k_e_r_b_e_r_o_s_._l_o_g by
     default).  The logging mechanism opens and closes the log file for each
     message, so you can safely rename the log file when the server is run-
     ning.

   OOppeerraattiioonnaall mmeessssaaggeess
     These are normal messages that you will see in the log. They might be
     followed by some error message.

     Getting key for _R_E_A_L_M
            The server fetched the key for `krbtgt.REALM' for the specific
            realm. You will see this at startup, and for every attempt to use
            cross realm authentication.

     Starting Kerberos for _R_E_A_L_M (kvno _k_v_n_o)
            You will see this also if you start with --mm.

     AS REQ _n_a_m_e_._i_n_s_t_a_n_c_e_@@_R_E_A_L_M for _s_n_a_m_e_._s_i_n_s_t_a_n_c_e from _i_p_-_n_u_m_b_e_r

            An initial (password authenticated) request was received.

     APPL REQ _n_a_m_e_._i_n_s_t_a_n_c_e_@@_R_E_A_L_M for _s_n_a_m_e_._s_i_n_s_t_a_n_c_e from _i_p_-_n_u_m_b_e_r
            A tgt-based request for a ticket was made.

   EErrrroorr mmeessssaaggeess
     These messages reflects misconfigured clients, invalid requests, or pos-
     sibly attepted attacks.

     UNKNOWN _n_a_m_e_._i_n_s_t_a_n_c_e
            The server received a request with an unknown principal. This is
            most likely because someone typed the wrong name at a login
            prompt. It could also be someone trying to get a list of possible
            users.

     Unknown realm _R_E_A_L_M from _i_p_-_n_u_m_b_e_r
            There isn't a principal for `krbtgt.REALM' in the database.

     Can't hop realms: _R_E_A_L_M_1 -> _R_E_A_L_M_2
            There was a request for a ticket for another realm.  This might be
            because of a misconfigured client.

     Principal not unique _n_a_m_e_._i_n_s_t_a_n_c_e
            There is more than one entry for this principal in the database.
            This is not very good.

     Null key _n_a_m_e_._i_n_s_t_a_n_c_e
            Someone tried to use a principal that for some reason doesn't have
            a key.

     Incorrect master key version for _n_a_m_e_._i_n_s_t_a_n_c_e : _n_u_m_b_e_r (should be _n_u_m_-
            _b_e_r)
            The principal has it's key encrypted with the wrong master key.

     Principal _n_a_m_e_._i_n_s_t_a_n_c_e expired at _d_a_t_e
            The principal's key has expired.

     krb_rd_req from _i_p_-_n_u_m_b_e_r: _e_r_r_o_r_-_m_e_s_s_a_g_e
            The message couldn't be decoded properly. The error message will
            give you further hints. You will see this if someone is trying to
            use expired tickets.

     Unknown message type: _n_u_m_b_e_r from _i_p_-_n_u_m_b_e_r
            The message received was not one that is understood by this serv-
            er.

     Can't authorize password changed based on TGT
            Someone tried to get a `changepw.kerberos' via a tgt exchange.
            This is because of a broken client, or possibly an attack.

     KRB protocol version mismatch (_n_u_m_b_e_r)
            The server received a request with an unknown version number.

   FFaattaall eerrrroorr mmeessssaaggeess
     The following messages indicate problems when starting the server.

     Database unavailable!
            There was some problem reading the database.

     Database currently being updated!
            Someone is currently updating the database (possibly via krop).

     Database out of date!
            The database is older than the maximum age specified.

     Couldn't get master key.

            The master key file wasn't found or the file is damaged.

     Can't verify master key.
            The key in the keyfile doesn't match the current databse.

     Ticket granting ticket service unknown
            The database doesn't contain a `krbtgt.REALM' for the local realm.

SSEEEE AALLSSOO
     kprop(8),  kpropd(8)

 KTH-KRB                      September 26, 1997                             3
@


1.1
log
@Initial revision
@
text
@@


1.1.1.1
log
@import krb4-1.1
@
text
@@