client_service
/
voice-gateway


			
				
					
						
						
							123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140
							.\" Man page generated from reStructuredText.
.
.TH "KRB5KDC" "8" " " "1.20.1" "MIT Kerberos"
.SH NAME
krb5kdc \- Kerberos V5 KDC
.
.nr rst2man-indent-level 0
.
.de1 rstReportMargin
\\$1 \\n[an-margin]
level \\n[rst2man-indent-level]
level margin: \\n[rst2man-indent\\n[rst2man-indent-level]]
-
\\n[rst2man-indent0]
\\n[rst2man-indent1]
\\n[rst2man-indent2]
..
.de1 INDENT
.\" .rstReportMargin pre:
. RS \\$1
. nr rst2man-indent\\n[rst2man-indent-level] \\n[an-margin]
. nr rst2man-indent-level +1
.\" .rstReportMargin post:
..
.de UNINDENT
. RE
.\" indent \\n[an-margin]
.\" old: \\n[rst2man-indent\\n[rst2man-indent-level]]
.nr rst2man-indent-level -1
.\" new: \\n[rst2man-indent\\n[rst2man-indent-level]]
.in \\n[rst2man-indent\\n[rst2man-indent-level]]u
..
.SH SYNOPSIS
.sp
\fBkrb5kdc\fP
[\fB\-x\fP \fIdb_args\fP]
[\fB\-d\fP \fIdbname\fP]
[\fB\-k\fP \fIkeytype\fP]
[\fB\-M\fP \fImkeyname\fP]
[\fB\-p\fP \fIportnum\fP]
[\fB\-m\fP]
[\fB\-r\fP \fIrealm\fP]
[\fB\-n\fP]
[\fB\-w\fP \fInumworkers\fP]
[\fB\-P\fP \fIpid_file\fP]
[\fB\-T\fP \fItime_offset\fP]
.SH DESCRIPTION
.sp
krb5kdc is the Kerberos version 5 Authentication Service and Key
Distribution Center (AS/KDC).
.SH OPTIONS
.sp
The \fB\-r\fP \fIrealm\fP option specifies the realm for which the server
should provide service.  This option may be specified multiple times
to serve multiple realms.  If no \fB\-r\fP option is given, the default
realm (as specified in krb5.conf(5)) will be served.
.sp
The \fB\-d\fP \fIdbname\fP option specifies the name under which the
principal database can be found.  This option does not apply to the
LDAP database.
.sp
The \fB\-k\fP \fIkeytype\fP option specifies the key type of the master key
to be entered manually as a password when \fB\-m\fP is given; the default
is \fBaes256\-cts\-hmac\-sha1\-96\fP\&.
.sp
The \fB\-M\fP \fImkeyname\fP option specifies the principal name for the
master key in the database (usually \fBK/M\fP in the KDC\(aqs realm).
.sp
The \fB\-m\fP option specifies that the master database password should
be fetched from the keyboard rather than from a stash file.
.sp
The \fB\-n\fP option specifies that the KDC does not put itself in the
background and does not disassociate itself from the terminal.
.sp
The \fB\-P\fP \fIpid_file\fP option tells the KDC to write its PID into
\fIpid_file\fP after it starts up.  This can be used to identify whether
the KDC is still running and to allow init scripts to stop the correct
process.
.sp
The \fB\-p\fP \fIportnum\fP option specifies the default UDP and TCP port
numbers which the KDC should listen on for Kerberos version 5
requests, as a comma\-separated list.  This value overrides the port
numbers specified in the kdcdefaults section of
kdc.conf(5), but may be overridden by realm\-specific values.
If no value is given from any source, the default port is 88.
.sp
The \fB\-w\fP \fInumworkers\fP option tells the KDC to fork \fInumworkers\fP
processes to listen to the KDC ports and process requests in parallel.
The top level KDC process (whose pid is recorded in the pid file if
the \fB\-P\fP option is also given) acts as a supervisor.  The supervisor
will relay SIGHUP signals to the worker subprocesses, and will
terminate the worker subprocess if the it is itself terminated or if
any other worker process exits.
.sp
The \fB\-x\fP \fIdb_args\fP option specifies database\-specific arguments.
See Database Options in kadmin(1) for
supported arguments.
.sp
The \fB\-T\fP \fIoffset\fP option specifies a time offset, in seconds, which
the KDC will operate under.  It is intended only for testing purposes.
.SH EXAMPLE
.sp
The KDC may service requests for multiple realms (maximum 32 realms).
The realms are listed on the command line.  Per\-realm options that can
be specified on the command line pertain for each realm that follows
it and are superseded by subsequent definitions of the same option.
.sp
For example:
.INDENT 0.0
.INDENT 3.5
.sp
.nf
.ft C
krb5kdc \-p 2001 \-r REALM1 \-p 2002 \-r REALM2 \-r REALM3
.ft P
.fi
.UNINDENT
.UNINDENT
.sp
specifies that the KDC listen on port 2001 for REALM1 and on port 2002
for REALM2 and REALM3.  Additionally, per\-realm parameters may be
specified in the kdc.conf(5) file.  The location of this file
may be specified by the \fBKRB5_KDC_PROFILE\fP environment variable.
Per\-realm parameters specified in this file take precedence over
options specified on the command line.  See the kdc.conf(5)
description for further details.
.SH ENVIRONMENT
.sp
See kerberos(7) for a description of Kerberos environment
variables.
.SH SEE ALSO
.sp
kdb5_util(8), kdc.conf(5), krb5.conf(5),
kdb5_ldap_util(8), kerberos(7)
.SH AUTHOR
MIT
.SH COPYRIGHT
1985-2022, MIT
.\" Generated by docutils manpage writer.
.