System Administration Guide: Security Services

ProcedureHow to Create a Credential Table

The gsscred credential table is used by an NFS server to map Kerberos credentials to a UID. By default, the primary part of the principal name is matched to a UNIX login name. For NFS clients to mount file systems from an NFS server with Kerberos authentication, this table must be created if the default mapping is not sufficient.

  1. Edit /etc/gss/gsscred.conf and change the security mechanism.

    Change the mechanism to files.

  2. Create the credential table by using the gsscred command.

    # gsscred -m kerberos_v5 -a

    The gsscred command gathers information from all sources that are listed with the passwd entry in the /etc/nsswitch.conf file. You might need to temporarily remove the files entry, if you do not want the local password entries included in the credential table. See the gsscred(1M) man page for more information.