man fakeka (Administration système) - Fake kaserver for AFS clients

NAME

fakeka - Fake kaserver for AFS clients

SYNOPSIS

fakeka [-dm] [-c cell] [-f forwarder] [-l facility] [-p port] [-r realm]

DESCRIPTION

fakeka is a fake kaserver that speaks just enough of the AFS RX protocol to make klog work. It is used in conjunction with a Kerberos V5 KDC to support existing AFS clients, and is usually used with ka-forwarder. fakeka must run on the same host as your Kerberos V5 KDC, since it needs access to the KDC database. ka-forwarder should run on each of your AFS database servers, pointing to your Kerberos V5 KDCs. fakeka should then be running on each of the KDCs, with the AFS database servers listed as arguments to the -f option.

Note that principals you wish to use fakeka with must have either a V4-style key (des:v4) or an AFS-style key (des:afs3). V5 enctypes won't work.

OPTIONS

-c cell
The AFS cell for which fakeka will be handling requests. If not given, this defaults to the same as the Kerberos V5 realm (see -r below).
-d
Enables debugging. When this flag is given, fakeka will run in the foreground and print debugging information to standard error. Overrides -m.
-f forwarder
Allows forwarded requests from forwarder, which is generally an AFS database server running ka-forwarder. This option can be given multiple times (up to 10). Each system running ka-forwarder should be specified with the -f flag or forwarded requests from that host will not be answered. (The forwarders append their own address to the packet.
-l facility
Log actions via syslog with the given facility rather than the default of LOG_DAEMON. facility must be one of KERN, USER, MAIL, DAEMON, AUTH, LPR, NEWS, UUCP, CRON, LOCAL0, LOCAL1, LOCAL2, LOCAL3, LOCAL4, LOCAL5, LOCAL6, or LOCAL7. This option is case-sensitive. Not all of these facilities may be available, depending on what pre-defined syslog facilities your system provides.
-m
Fork and background when starting. You will usually always want to give this flag.
-p port
Listen on the specified port rather than the default of 7004 (which is what klog expects). port may be a number or a service name from /etc/services.
-r realm
The Kerberos V5 realm to which the requests are being translated. The default is the local default realm.

EXAMPLES

Handle requests for a local cell whose name matches the local realm, accepting forwarded queries from afs1.example.com and afs2.example.com:

fakeka -m -f afs1.example.com -f afs2.example.com

If the cell name doesn't match the realm name, -c would need to be added, specifying the cell name.

SEE ALSO