Questions tagged [kerberos]

Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client–server model, and it provides mutual authentication — both the user and the server verify each other's identity.

As many vendors have their own implementation of Kerberos, configuration details for each implementation is likely to vary. Here are some links that may help those troubleshooting Kerberos on commonly used paltforms.

RFC Kerberos - http://www.faqs.org/rfcs/rfc1510.html
Kerberos Blogs by AD support team at Microsoft - http://blogs.technet.com/b/askds/archive/tags/Kerberos/
Kerberos blogs by Open Specification team at Microsoft - http://blogs.msdn.com/b/openspecification/archive/tags/Kerberos/
Ubuntu Linux post on Kerberos - https://help.ubuntu.com/community/Kerberos

1136 questions

votes

1 answer

Passwordless Kerberos management of Cisco devices

Does anyone have any experience of using Kerberos as an authentication mechanism for managing a Cisco IOS based network? This article seems to indicate it's possible, but my Kerberos knowledge is limited to that of a user on centrally managed…

asked Dec 05 '09 at 00:13

Murali Suriar

10,166
8
40
62

votes

1 answer

windows-ubuntu-bash + hypervisor winrm + ansible - Server not found in Kerberos database

I'm struggling like a week with that issue, read every internet post about that problem. What we have Windows Server 2016 Datacenter with Hyper-V Role installed (netbios: hv) Virtual Machines (netbios: web, fs, dc) on Windows Server 2016…

kerberos ansible windows-server-2016 winrm linux-subsystem

asked Apr 11 '18 at 18:21

alexsuslin

votes

1 answer

Failed authentication

I am newbie in this world and I need help. For the past weeks I have been trying to find the answer to my problem, but withour success. I am trying to authenticate my CentOS machine against Active Directory (on my Windows Server 2012 machine) via…

active-directory authentication openldap kerberos sssd

asked Feb 01 '18 at 10:54

estelarules

votes

0 answers

Delegation works on some browsers but not on others

I've been trying to make Kerberos delegation work across all browsers, but I'm having no luck. I'm running a Java web server on Linux and Windows. Firefox (64 bit) on Linux: Receive the ticket and delegation works. I've set the preferences…

active-directory kerberos firefox chrome spnego

asked Jan 18 '18 at 20:33

DetriusXii

votes

1 answer

NFSv4 + SSSD + Active Directory: 'nobody' permissions when ldap_id_mapping disabled

I'm attempting to configure NFSv4 with KRB5 authentication in accordance with RedHat's current recommendations, using SSSD to access Active Directory. The NFS server in this case is a NAS appliance, which handles user mapping between user@domain…

active-directory ldap kerberos nfs4

asked Jul 17 '17 at 18:48

JimNim

2,736
12
23

votes

1 answer

Problems connecting to a freeIPA client host via ssh

I am trying to set up an IPA environment with a CentOS 7.3 server and clients and I am experiencing a behavior that I am not able to understand. I am using IPA version 4.4.0. I was able to run ipa-server-install on the server and ipa-client-install…

ssh kerberos login single-sign-on freeipa

asked Jun 29 '17 at 14:12

andreee

votes

1 answer

Which servers to copy keytab file to

I am trying to setup a simple Kerberos environment in which a client server authenticates to a webservice (in my case OpenSSH) via a Kerberos server. I generated a keytab file on the KDC but am not quite sure which servers to copy the file to. Do I…

ubuntu authentication kerberos single-sign-on mitkerberos

asked Jun 13 '17 at 20:19

arne.z

votes

1 answer

Squid proxy authentication - most painless way

Ok, the title says it all, really. The end goal is to implement proxy-authentication for end users. Users' systems are mostly (95%) windows-based, the proxy is a Debian Lenny running squid 2.7. I've investigated possible ways to implement it, first…

proxy authentication squid kerberos ntlm

asked Nov 16 '09 at 18:47

shylent

votes

1 answer

Apache Kerberos Authentication : KDC has no support for encryption type

I post a new thread on this problem because all the solution I found here didn't work for me. I'm trying to configure an apache2 to authenticate with Kerberos on a AD2012 server via a keytab. First I activated all encryptions I could in the AD…

active-directory apache-2.4 kerberos mitkerberos

asked Apr 06 '17 at 21:46

Plup

votes

1 answer

how can I access NFSv4 with kerberos auth from within Docker container?

Our NFSv4 file-server uses Kerberos authentication managed by Active Directory. I need to run a batch process inside a Docker container that accesses data held on the file-server. From within the container, I have tried authenticating with the AD…

docker kerberos nfs4

asked Feb 17 '17 at 07:26

Martin

votes

1 answer

Configuring IIS for cross-forest kerberos authentication

In my environment I have two separate forests FA.COM and FB.COM and two child domains DA.FA.COM and DB.FB.com. There is no forest trust but two-way external trust between DA.FA.COM and DB.FB.com. I have an IIS server (IIS8.5 on Windows 2012r2) in…

iis kerberos windows-authentication single-sign-on cross-domain

asked Feb 11 '17 at 06:38

triggerfast

votes

1 answer

Intermittent Kerberos failures: GSSAPI authentication initialization failed

When using MIT Kerberos Ticket Manager with PuTTY 0.65 and WinSCP 5.9.3, I am sometimes unable to get a connnection to the server I am logging into. PuTTY will respond with either No supported authentication methods available (server sent: ) or No…

domain-name-system ssh kerberos gssapi

asked Feb 06 '17 at 13:26

Chris Watts

votes

4 answers

apache poor performance with Kerberos Authentication

I have an apache instance that uses kerberos for SSO with an internal application that we have running. However the performance is very very poor. I believe from a tcp dump that when a user hits some of our dojo forms on the application that…

apache-2.2 performance kerberos

asked Nov 09 '09 at 09:41

Grant Collins

votes

2 answers

Kerberos authentication issues behind RODC

We have a branch office in Costa Rica where, back then, we had implemented a Squid proxy with SSO using AD and it was working perfectly. Just recently we implemented an RODC at the site. Once that happened, no one was able to authenticate and I…

ubuntu active-directory squid kerberos

asked Jan 05 '17 at 16:37

Lazaro Ravelo

votes

0 answers

Unable to authenticate to AD using Kinit - cache file not found

I'm trying to set up Winbind with PAM and Kerberos to authenticate CentOS 7 against active directory. So far this is what I've done: yum -y install authconfig krb5-workstation pam_krb5 samba-common oddjob-mkhomedir yum -y install…

linux active-directory kerberos pam winbind

asked Dec 06 '16 at 18:28

GrahamBond

Prev 1 2 3

…

75 76 Next