:man| Alphabetical   Categories   About us 
 
KERBEROS (8) | System administration commands and daemons | Unix Manual Pages | :man

NAME

kerberos - introduction to the Kerberos system

CONTENTS

Description
See Also
History

DESCRIPTION

Kerberos is a network authentication system. Its purpose is to securely authenticate users and services in an insecure network environment.

This is done with a Kerberos server acting as a trusted third party, keeping a database with secret keys for all users and services (collectively called principals).

Each principal belongs to exactly one realm, which is the administrative domain in Kerberos. A realm usually corresponds to an organisation, and the realm should normally be derived from that organisation’s domain name. A realm is served by one or more Kerberos servers.

The authentication process involves exchange of 'tickets' and 'authenticators' which together prove the principal’s identity.

When you login to the Kerberos system, either through the normal system login or with the kinit(1) program, you acquire a ticket granting ticket which allows you to get new tickets for other services, such as telnet or ftp, without giving your password.

For more information on how Kerberos works, and other general Kerberos questions see the Kerberos FAQ at http://www.nrl.navy.mil/CCS/people/kenh/kerberos-faq.html.

For setup instructions see the Heimdal Texinfo manual.

SEE ALSO

ftp(1), kdestroy(1), kinit(1), klist(1), kpasswd(1), telnet(1)

HISTORY

 
Created by Blin Media, 2008-2013