test chroma

nfsv4-kerberos-debian.org

@@ -15,8 +15,7 @@ with this document./
 /SPDX-License-Identifier: [[https://spdx.org/licenses/GFDL-1.3-or-later.html][GFDL-1.3-or-later]]/
 #+END_QUOTE
 
-* Table of Contents :TOC:
+* Table of Contents
-
 **** Table of Contents
 #+TOC: headlines 3
 
@@ -39,6 +38,7 @@ security, on a [[https://www.debian.org/][Debian]] based system (Debian, [[https
 - NTP :: All machines (clients and servers) must be time-synchronized, as Kerberos authentication is partly based on tickets timestamps.
 - DNS server (optional) :: Kerberos may, in some configurations make use of some DNS records such as [[https://en.wikipedia.org/wiki/SRV_record][SRV]] or [[https://en.wikipedia.org/wiki/TXT_record][TXT]].
   A lightweight DNS server like [[https://dnsmasq.org/][dnsmasq]] is sufficient, and will avoid the administration of a full-fledged server such as [[https://www.isc.org/bind/][bind]].
+-
 
 * Kerberos (V5)
 There are basically two major implementations of [[https://datatracker.ietf.org/doc/html/rfc4120][Kerberos v5]] on GNU/Linux: The original [[http://web.mit.edu/kerberos/www/][MIT]] one, and the [[https://github.com/heimdal/heimdal][Heimdal]] one. There was also a GNU implementation ([[http://www.gnu.org/software/shishi/][Shishi]]), but developement looks stalled for 10+ years.
@@ -67,11 +67,11 @@ On server side, install the necessary packages with :
 #+BEGIN_SRC sh
 sudo apt install krb5-config heimdal-kdc heimdal-servers heimdal-clients heimdal-kcm
 #+END_SRC
-And on client(s), install the following :
+And on client(s), install instead ~krb5-config~ and ~heimdal-clients~ packages :
 #+BEGIN_SRC sh
 sudo apt-get install krb5-config heimdal-clients
 #+END_SRC
-On your desktop, you may also want to install some documentation with:
+On your desktop, you may also want to install Heimdal documentation :
 #+BEGIN_SRC
 sudo apt-get install heimdal-docs
 #+END_SRC
@@ -81,8 +81,8 @@ The ~krb5-config~ package installation will ask you some questions, you can just
 - Kerberos servers for your realm: ~kdc1.lan kdc2.lan~
 - Administrative server for your Kerberos realm: ~kadmin.lan~
 
-After this initial configutation, edit ~/etc/krb5.conf~, clean up everything and add a section in domain_realm section for your local network. You should end up with something similar to :
+After this initial configutation, edit ~/etc/krb5.conf~, clean up everything and add a domain_realm section for your local network. You should end up with something similar to :
-#+BEGIN_SRC conf
+*** #+BEGIN_SRC conf
 [libdefaults]
 	default_realm = LAN
 	kdc_timesync = true
@@ -103,7 +103,7 @@ After this initial configutation, edit ~/etc/krb5.conf~, clean up everything and
 ** Kerberos database initialization
 It is possible installation process may have created files in ~/var/lib/heimdal-kdc~, manual is unclear. To be on secure side, we remove everything before going further :
 
-#+BEGIN_SRC conf
+#+BEGIN_SRC docker
 [libdefaults]
 	default_realm = LAN
 [realms]
@@ -113,6 +113,11 @@ It is possible installation process may have created files in ~/var/lib/heimdal-
 		admin_server = kadmin.lan
 	}
 #+END_SRC
+#+BEGIN_SRC conf
+foo         bar
+line        2
+third       line
+#+END_SRC
 
 ** Server side
 *** Heimdal Kerberos installation
@@ -125,7 +130,7 @@ heimdal-docs heimdal-clients
 ** Testing
 * Sources
 Kerberos setup:
-- ~info heimdal~ (documentation from heimdal-docs).
+- ~info heimdal~ (documentation from heimdal-docs)
 - [[http://chschneider.eu/linux/server/heimdal.shtml][Heimdal setup on Debian]]
 - [[http://www.cs.rug.nl/~jurjen/ApprenticesNotes/ad_kinit.html][Debian/Ubuntu Linux with Active Directory Kerberos Server]]
 - [[https://web.mit.edu/kerberos/krb5-1.13/doc/admin/princ_dns.html][Principal names and DNS]]