> I also found it odd that to get the gss-server to start I had to create a
> Kerberos keytab file with a key for a host/localhost principal. I don't
> really see how Kerberos figures into any of this, but putting a dummy key
> there at least got it to start up. I have no actual KDC anywhere; is that
> really a requirement?
There's no requirement for a KDC even with the broken mechglue. If you are feeling adventurous, the aforementioned branch of MIT Kerberos [*] may resolve the keytab requirement.
-- Luke
[*] svn://anonsvn.mit.edu/krb5/users/lhoward/moonshot-mechglue-fixes (you only need to install src/lib/gssapi)
|