Linux Kerberos
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Install Kerberos Linux Client
In order to authenticate to a Kerberos Realm, the krb5-user and libpam-krb5 packages are needed, along with a few others that are not strictly necessary but make life easier. To install the packages enter the following in a terminal prompt:
sudo apt install krb5-user libpam-krb5 libpam-ccreds auth-client-config
Operations
Obtain a ticket
$ kinit user1@DOMAIN.LOCAL
Use keytab file
This creates secure a file containing credentials. Default keytab file is /etc/krb5.keytab
$ ktutil ktutil: addent -password -p user1@DOMAIN.LOCAL -k 1 -e aes256-cts Password for user1@DOMAIN.LOCAL: ********* ktutil: wkt user1.keytab ktutil: quit
List credentials
$ klist -k user1.keytab Keytab name: FILE:ppawl.keytab KVNO Principal ---- -------------------------------------------------------------------------- 1 user1@DOMAIN.LOCAL
Obtain a ticket
kinit ppawl@TPPLC.LOCAL -k -t ~/.ssh/user1.keytab
Destroy any current kerberos tickets
$ kdestroy
Resources
- Kerberos Ubuntu