Difference between revisions of "Linux Kerberos"
Jump to navigation
Jump to search
(Created page with "= Install = = Operations = == Obtain a ticket == $ kinit user1@DOMAIN.LOCAL == Use keytab file == This creates secure a file containing credentials. Default keytab file is...") |
|||
| (3 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
= Install = | = Install Kerberos Linux Client = | ||
In order to authenticate to a Kerberos Realm, the krb5-user and libpam-krb5 packages are needed, along with a few others that are not strictly necessary but make life easier. To install the packages enter the following in a terminal prompt: | |||
<source lang=bash> | |||
sudo apt install krb5-user libpam-krb5 libpam-ccreds auth-client-config | |||
</source> | |||
= Operations = | = Operations = | ||
| Line 23: | Line 27: | ||
Obtain a ticket | Obtain a ticket | ||
kinit ppawl@TPPLC.LOCAL -k -t ~/.ssh/user1.keytab | kinit ppawl@TPPLC.LOCAL -k -t ~/.ssh/user1.keytab | ||
== Destroy any current kerberos tickets == | |||
$ kdestroy | |||
= Resources = | |||
* [https://help.ubuntu.com/lts/serverguide/kerberos.html.en#kerberos-linux-client Kerberos] Ubuntu | |||
Latest revision as of 01:41, 18 June 2019
Install Kerberos Linux Client
In order to authenticate to a Kerberos Realm, the krb5-user and libpam-krb5 packages are needed, along with a few others that are not strictly necessary but make life easier. To install the packages enter the following in a terminal prompt:
sudo apt install krb5-user libpam-krb5 libpam-ccreds auth-client-config
Operations
Obtain a ticket
$ kinit user1@DOMAIN.LOCAL
Use keytab file
This creates secure a file containing credentials. Default keytab file is /etc/krb5.keytab
$ ktutil ktutil: addent -password -p user1@DOMAIN.LOCAL -k 1 -e aes256-cts Password for user1@DOMAIN.LOCAL: ********* ktutil: wkt user1.keytab ktutil: quit
List credentials
$ klist -k user1.keytab Keytab name: FILE:ppawl.keytab KVNO Principal ---- -------------------------------------------------------------------------- 1 user1@DOMAIN.LOCAL
Obtain a ticket
kinit ppawl@TPPLC.LOCAL -k -t ~/.ssh/user1.keytab
Destroy any current kerberos tickets
$ kdestroy
Resources
- Kerberos Ubuntu