A principal for kadmin


To use kadmin with kerberos authentication we need a principal with the "admin" instance. Let's add one:

kadmin.local 
Authenticating as principal root/admin@REDFLO.DE with password.
kadmin.local:  add_principal
usage: add_principal [options] principal
        options are:
                [-expire expdate] [-pwexpire pwexpdate] [-maxlife maxtixlife]
                [-kvno kvno] [-policy policy] [-randkey] [-pw password]
                [-maxrenewlife maxrenewlife]
                [-e keysaltlist]
                [{+|-}attribute]
        attributes are:
                allow_postdated allow_forwardable allow_tgs_req allow_renewable
                allow_proxiable allow_dup_skey allow_tix requires_preauth
                requires_hwauth needchange allow_svr password_changing_service


Here you see the syntax of add_principal.

kadmin.local:  add_principal ruth/admin
WARNING: no policy specified for ruth/admin@REDFLO.DE; defaulting to no policy
Enter password for principal "ruth/admin@REDFLO.DE": 
Re-enter password for principal "ruth/admin@REDFLO.DE": 
Principal "ruth/admin@REDFLO.DE" created.


I added a principal named ruth/admin and got prompted for a password. Let's try:

kadmin -p ruth/admin
Authenticating as principal ruth/admin with password.
Password for ruth/admin@REDFLO.DE: 
kadmin: 


We're in!