The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.

Install Kerberos Linux Client

In order to authenticate to a Kerberos Realm, the krb5-user and libpam-krb5 packages are needed, along with a few others that are not strictly necessary but make life easier. To install the packages enter the following in a terminal prompt:

sudo apt install krb5-user libpam-krb5 libpam-ccreds auth-client-config

Operations

Obtain a ticket

$ kinit user1@DOMAIN.LOCAL

Use keytab file

This creates secure a file containing credentials. Default keytab file is /etc/krb5.keytab

$ ktutil
ktutil:  addent -password -p user1@DOMAIN.LOCAL -k 1 -e aes256-cts
Password for user1@DOMAIN.LOCAL: *********
ktutil:  wkt user1.keytab
ktutil:  quit

List credentials

$ klist -k user1.keytab
Keytab name: FILE:ppawl.keytab
KVNO Principal
---- --------------------------------------------------------------------------
   1 user1@DOMAIN.LOCAL

Obtain a ticket

kinit ppawl@TPPLC.LOCAL -k -t ~/.ssh/user1.keytab

Destroy any current kerberos tickets

$ kdestroy

Resources

Kerberos Ubuntu

Linux Kerberos

Contents

Install Kerberos Linux Client

Operations

Obtain a ticket

Use keytab file

Destroy any current kerberos tickets

Resources

Navigation menu

Linux Kerberos

Install Kerberos Linux Client

Operations

Obtain a ticket

Use keytab file

Destroy any current kerberos tickets

Resources

Navigation menu

Search