I have a kerberos client and following is the config of that client for logging.
[logging]
default = FILE:/var/log/krb5kdc.log
admin_server = FILE:/var/log/kadmind.log
kdc = FILE:/var/log/krb5kdc.log
however when I check the files to see the logs it doesn't exist. Even if I try to authenticate with wrong username it shows the error message on console only.
kinit -kt gaurang.shah.keytab gaurang.shah@ab.com
kinit: Keytab contains no suitable keys for gaurang.shah@ab.com while getting initial credentials
Could someone please let me know what I need to do in so that all the error messages are redirected to log file. Also, is there any way to change verbose of the logs ?
This configuration is not intended for the client as you can see by the filenames. You are looking for KRB5_TRACE=/path/to/file env var. This works on MIT Kerberos only.