Share your knowledge at the LQ Wiki.
Go Back > Forums > Linux Forums > Linux - Security
User Name
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.


  Search this Thread
Old 02-13-2004, 11:08 AM   #1
LQ Newbie
Registered: Feb 2004
Posts: 1

Rep: Reputation: 0
Kerberos Configuration


I have been assigned the arduous task of installing kerberos on our closed network to authenticate about 500 machines. Let me give you a little background first...

I am NOT a linux guru, but am learning very quickly how things work. I have been studying this kerberos stuff for a while now, and hope that my knowledge is foundation enough to ask the appropriate questions. Here is what we would like to do:

Simply put, this installation is not intended for an extremely secure environment. It is only meant to require authentication, much like the basic windows authentication. When an employee leaves our group, we are required to change the passwords on our machines. I would like to have it so that instead of changing the password on each machine, we will be able to change one password on the KDC and be finished with it. We would like to have just one account, Administrator, that shares a password across the board for all machines. There are no additional users, no additional passwords. Just one user name (excluding root), one password, 400 machines.

I have installed the KDC and am not sure if it is working properly. Using the Kerberos GUI mini-program located in extras, I am able to authenticate the KDC with itself by using the user name


and its password.

I would like to know how to configure the machine so that when the RedHat GUI login console comes up, that I type Administrator as the user name, and the password -- and kerberos successfully authenticates this machine. Again, much like a basic windows environment, or much like how redhat does it without kerberos installed. The ONLY difference is that when we have to change a password, we do it once through the KDC instead of 400 times for each machine. Please tell me what principle needs to be added to accheive this functionality, and what steps I should take to get it working like I want.

We have already looked into other alternatives, and have a definate settlement for kerberos. Please be specific as possible, and try not to be so vague, as help in the past has been fruitlessly haulted because of the technical jargon and assumptions.
James Walthall
IBM Host Integration/HATS


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off

Similar Threads
Thread Thread Starter Forum Replies Last Post
kerberos denning Slackware 1 11-02-2005 08:04 AM
Kerberos 5 1.4.1 Kenji Miyamoto Slackware 1 05-24-2005 08:11 PM
Kerberos Krizzc Slackware 0 10-21-2004 08:10 AM
Kerberos krieger Linux - Security 1 01-29-2002 02:40 PM
Kerberos daemon emanners Linux - General 1 06-20-2001 05:46 PM > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 01:12 PM.

Main Menu
Write for LQ is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration