LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Networking (https://www.linuxquestions.org/questions/linux-networking-3/)
-   -   Test Kerberos (https://www.linuxquestions.org/questions/linux-networking-3/test-kerberos-4175628381/)

michele_deb 04-25-2018 04:38 AM
Test Kerberos
 
Hi guys,
I have just studied the network authentication protocol Kerberos and, I would like to test it on Ubuntu configuring a Client Kerb. and a Server on two virtual machines. Is it feasible? How could I do? I was thinking to install two machines on VirtualBox, one called "Client" and the other "Server", basically two Ubuntu OS. Is it right?
Any tips?

Thanks
MB

Turbocapitalist 04-25-2018 05:07 AM
Kerberos uses two servers, a Key Distribution Center (KDC) and an Admin server. The KDC can do replication so you can set up a slave KDC synched with the master. So that would be three on the server side. With one more for the client, that makes four.

VirtualBox or Qemu could work. Depending on your budget, cheap Single Board Computers would work too.

michele_deb 04-25-2018 05:31 AM
Quote:
Originally Posted by Turbocapitalist (Post 5847249)
Kerberos uses two servers, a Key Distribution Center (KDC) and an Admin server. The KDC can do replication so you can set up a slave KDC synched with the master. So that would be three on the server side. With one more for the client, that makes four.

VirtualBox or Qemu could work. Depending on your budget, cheap Single Board Computers would work too.
You mean, I should install 4 machines= 3 server and 1 client. Right? So, can you suggest me a procedure or a pdf file with all steps to configure a Server and a Client (that asks for a service) on Ubuntu, creating and environment ad-hoc? I have no idea on how to start on it. I have studied theory about Kerberos and I would like to implement a system to emulate how it works. That's all.

Turbocapitalist 04-25-2018 05:34 AM
Yes. Install Ubuntu-server on the three and Ubuntu-desktop on the fourth. I'd start looking at the networking prerequisites layed out in documents like these:

https://help.ubuntu.com/community/Kerberos

https://help.ubuntu.com/lts/serverguide/kerberos.html

After each machine has a hostname which you can ping or connect to via from any of the others, then you can start looking at the actual Kerberos packages and configuration.

michele_deb 04-25-2018 01:26 PM
Quote:
Originally Posted by Turbocapitalist (Post 5847254)
Yes. Install Ubuntu-server on the three and Ubuntu-desktop on the fourth. I'd start looking at the networking prerequisites layed out in documents like these:

https://help.ubuntu.com/community/Kerberos

https://help.ubuntu.com/lts/serverguide/kerberos.html

After each machine has a hostname which you can ping or connect to via from any of the others, then you can start looking at the actual Kerberos packages and configuration.
Turbo, please, sorry for the stupid question:
instead of installing 3 servers, could I install just one virtual machine server, let's say: "kerberos.com" (my KDC) with an IP static address with the admin Server on the same machine and a Client virtual machine, let's say: "client.com" with a static IP?

Turbocapitalist 04-25-2018 01:38 PM
Quote:
Originally Posted by michele_deb (Post 5847438)
Turbo, please, sorry for the stupid question:
instead of installing 3 servers, could I install just one virtual machine server, let's say: "kerberos.com" (my KDC) with an IP static address with the admin Server on the same machine and a Client virtual machine, let's say: "client.com" with a static IP?
It's a sensible question.

You could put the admin server and kdc on the same machine but it would really be most practical, especially from a learning perspective, to have the client separate. This is a protocol intended to operate over the net, so you'll need that aspect to really know how it is used. There should be a GUI for VirtualBox that facilitates arranging the addresses of the VMs. If you're going to run it in a work environment then you'll want at least a little redundancy though.

michele_deb 04-25-2018 05:18 PM
Quote:
Originally Posted by Turbocapitalist (Post 5847441)
It's a sensible question.

You could put the admin server and kdc on the same machine but it would really be most practical, especially from a learning perspective, to have the client separate. This is a protocol intended to operate over the net, so you'll need that aspect to really know how it is used. There should be a GUI for VirtualBox that facilitates arranging the addresses of the VMs. If you're going to run it in a work environment then you'll want at least a little redundancy though.
Thanks. What I would like to do is at the following link: http://blog.manula.org/2012/04/setti...th-debian.html and I want configure the server part on the server virtual machine and client part on the client virtual machine following the instruction at that link. You think is the right way to proceed?

Turbocapitalist 04-25-2018 10:14 PM
Quote:
Originally Posted by michele_deb (Post 5847486)
Thanks. What I would like to do is at the following link:
For me that just goes to a blank page with some javascripts and no content. What about the two Ubuntu links above? Unfortunately it was kind of common knowledge how to set up Kerberos so now it is virtually undocumented, especially since most of the the canonical links from the 1990s dead and haven't been replaced.

michele_deb 04-26-2018 09:51 AM
1 Attachment(s)
Quote:
Originally Posted by Turbocapitalist (Post 5847551)
For me that just goes to a blank page with some javascripts and no content. What about the two Ubuntu links above? Unfortunately it was kind of common knowledge how to set up Kerberos so now it is virtually undocumented, especially since most of the the canonical links from the 1990s dead and haven't been replaced.
Sorry Turbocapitalist,
attached you can find a pdf file with all instruction included in the link I sent you. I have also to set up an IP address for my Server and Client on VirtualBox using option "Only Host".


All times are GMT -5. The time now is 07:17 AM.