Let’s make this nice and easy, shall we?

Setting up a computer to use Kempt.net services

This page is intended for users who are setting up a computer to use various Kempt.net services. There are several parts to cover, but it will only take a few minutes:

  1. Set up authentication (SSL cert and Kerberos)
  2. Set up email, if desired
  3. Configure other services

Set up authentication

In order to use Kempt.net services, you’ll need to be able to prove that you are you, and verify that the servers are the servers you intend to talk to. For more details, see the Kempt.net authentication page.

Configure Kerberos

Mac OS X users: Download the Kempt.net edu.mit.Kerberos file, and drag it to your /Library/Preferences folder.

Other users: You will need to use the same configuration file, but most likely called krb5.conf, and install it in the appropriate place. That place varies by platform, but for most Unix-style systems, it goes in /etc .

Add the Kempt.net SSL cert

You'll need to add an SSL certificate to your system so that it knows it can trust the various Kempt.net servers when using SSL. (This is actually a certificate authority cert, for those in the know.)

Download the Kempt.net certificate, and then install it as appropriate. On a Mac, double-click the file, and Keychain Access will open. Select the X509Anchors keychain (or System, if that keychain is not available) and click OK. On Windows, the procedure will be fairly similar. On other OSes, do the appropriate thing.

Set up email

You can choose to use either POP or IMAP to read your mail. Choose POP if you have one computer, and you want to download all your mail to that computer, deleting it from the server. Choose IMAP if you might access your mail from multiple computers, since IMAP stores your mail on the server, sortable into multiple folders.

Configure your mail client with the following parameters. Everything is the same whether you use POP or IMAP except the POP or IMAP server name.

Email address: username@kempt.net
Sending (SMTP) mail server: smtp.kempt.net (port 587)
Receiving (POP3/IMAP) mail server: pop.kempt.net / imap.kempt.net
Authentication: Kerberos 5 (GSSAPI)
SSL: On/Yes

(Replace username with your username.) There are a number of other possibilities; see the Services page for more information.

Configure other services

Some other services are accessible (among other alternatives) via ssh. It is by far easiest if your ssh client supports Kerberos, although there are alternatives, there, too.

Mac OS X users: If you are running Tiger or Leopard (that is, 10.4 or 10.5), you will need to add these lines to the end of the file /etc/ssh_config in order to enable Kerberos operation:

Host *kempt.net GSSAPIAuthentication yes GSSAPIDelegateCredentials yes GSSAPIKeyExchange yes GSSAPITrustDNS yes

Uploading pages to your web site

Your web pages are available in a directory called public_html in your Kempt.net home directory (in most cases). Any files or folders you put into that directory will be available within the URL:


(Replace username with your username.)

The easiest way to manage your web pages is probably to edit them locally on your computer, and then upload them all at once to the appropriate directory on the server shell.kempt.net using something like scp or sftp. There are a number of sftp clients out there that make this task easy. If you have any suggestions for particularly good ones, send email to service@kempt.net so they can be mentioned here.

You can also use the command-line tool scp to copy one or more files to your site. For instance:

scp index.html shell.kempt.net:public_html/

Shell access

You can log into shell.kempt.net via ssh or Kerberized telnet any time you want to manage your web site or other files from a command line shell on a Kempt.net server. You can also use this shell access to perform network diagnostics (ping, traceroute, etc.) or whatever else you need.

ssh shell.kempt.net

Is there anything else that a new user ought to know in order to start using Kempt.net services? Send email to service@kempt.net. Thanks!