Questions tagged [kerberos]

Kerberos is a computer network authentication protocol, which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner. Its designers aimed primarily at a client–server model, and it provides mutual authentication — both the user and the server verify each other's identity.

As many vendors have their own implementation of Kerberos, configuration details for each implementation is likely to vary. Here are some links that may help those troubleshooting Kerberos on commonly used paltforms.

RFC Kerberos - http://www.faqs.org/rfcs/rfc1510.html
Kerberos Blogs by AD support team at Microsoft - http://blogs.technet.com/b/askds/archive/tags/Kerberos/
Kerberos blogs by Open Specification team at Microsoft - http://blogs.msdn.com/b/openspecification/archive/tags/Kerberos/
Ubuntu Linux post on Kerberos - https://help.ubuntu.com/community/Kerberos

1136 questions

votes

1 answer

Forward service records from main DNS to IPA server

I have a production DNS server (dns1.local) in Data Center environment, I build recently IPA server (ipa.example.com) that runs DNS as well in the same environment and it forwards requests to dns1.local, I want to configure an ipa client…

asked Apr 23 '16 at 11:35

Hatem Mashaqi

votes

1 answer

Kerberos and LDAP login

I want to manually login to a ldap-server. For authentication Kerberos is used. I am registered there with username and pw. kinit username@servername It works fine and a valid TGT is created which I can view using klist But how to proceed after.…

ldap kerberos

asked Apr 20 '16 at 13:15

Hansi Zimmrer

votes

0 answers

What changes with Kerberos Authentication in IPv6 when using NAT?

How should Kerberos Authentication be setup with IPv6? Of you're using NAT for IPv6 where there is a single public IPv6 address and it translates to the machines inside in the ULA range?

ipv6 kerberos mitkerberos

asked Apr 11 '16 at 15:58

leeand00

4,807
13
64
106

votes

1 answer

What changes with Kerberos authentication in IPv6 when everyone has a public IPv6 Address?

How should Kerberos authentication be set up with IPv6? What implications are there when client devices each use a public, globally routeable IPv6 IP address? What changes when setup this way instead of using a NAT as was the norm with IPv4?

ipv6 kerberos mitkerberos

asked Apr 11 '16 at 15:56

leeand00

4,807
13
64
106

votes

2 answers

Build a production IPA server without integrate DNS and NTP with client

We are going to deploy a centralized authentication Linux server (RHEL6) for our RedHat/CentOS servers in Data Center environment. I made some search I believe Free IPA is the best choice since it's more secure, it has better sudo and HBAC rules,…

centos redhat ldap kerberos freeipa

asked Apr 07 '16 at 15:39

Hatem Mashaqi

votes

1 answer

What kind of SPN is required to delegate client credentials to a SMB Share?

I'm trying to delegate KERBEROS authentication from an SQL Server to a file server over OLEDB. Is there a particular Service Principle Name that is used to delegate credentials from an SQL Server to a file server? For instance, if I run a SQL…

authentication kerberos server-message-block sql-server-2008-r2 delegation

asked Apr 06 '16 at 12:10

leeand00

4,807
13
64
106

votes

1 answer

Apache not finding the kerberos principal in keytab file

Virtual host has been configured with these options; AuthType Kerberos AuthName "Kerberos Login" KrbMethodNegotiate On KrbMethodK5Passwd Off KrbAuthRealms EXAMPLE.COM KrbAuthoritative On KrbServiceName…

active-directory apache-2.4 kerberos mod-auth-kerb

asked Mar 21 '16 at 09:17

Morten Nilsen

votes

1 answer

NFSv4 with Kerberos - idmap stops working after ~35 minutes

All machines are running CentOS 6.5. We have about 85 client machines doing a Kerberized NFSv4 mount (sec=krb5p) to a server. This weekend, the server was changed (serverA changed to serverB). Everything appears to work, except, on one a few…

nfs kerberos nfs4

asked Mar 14 '16 at 21:22

Matt

1,037
2
14
20

votes

1 answer

Error trying to enable LDAP with kerberos authentication with GPFS

I have 3 RHEL7 nodes with GPFS / Spectrum Scale 4.2.0.0 installed. The 3 nodes have been setup with GPFS as a cluster with a GPFS filesystem created. I am trying enable LDAP based authentication with kerberos on that filesystem. Here's the…

ldap filesystems kerberos

asked Feb 17 '16 at 16:23

mrbarker

votes

2 answers

gssapi/kerberos/active directory/ubuntu - Wrong principal in request

I'm trying to setup a Clientserver with a Webservice to which Users of an Active Directory should be able to login with SSO. I'm using SPNEGO with Kerberos on a Ubuntu 14.04 Server and nginx proxy to Naviserver for the Webservice to do that and get…

kerberos single-sign-on gssapi spnego

asked Feb 17 '16 at 08:28

Sky

votes

1 answer

Kerberos 5 won't install on Debian 8.2 or 8.3

I've been running some VMs in VirtualBox and cannot get Kerberos5 installed. I keep receiving the error: Reading package lists... Done Building dependency tree Reading state information... Done Some packages could not be installed. This may…

debian kerberos debian-jessie

asked Feb 10 '16 at 05:06

tokyotech

votes

1 answer

Multi-factor auth with Kerberos and RADIUS

I am looking for a solution in order to allow a multi-factor authentication for a Kerberos-based logon service. By reading some articles, I found some good references about RADIUS, that provides a set of features in order to achieve this…

authentication kerberos radius

asked Jan 26 '16 at 15:00

vdenotaris

votes

0 answers

kerberos authentication to linux from windows

We have mostly unix/linux server in our data center. We access them from our workstations running windows using putty. All the workstations are part of an AD domain but the servers are not. Kerberos is configured in the workstations and while…

active-directory ssh kerberos putty gssapi

asked Jan 20 '16 at 09:42

varun

votes

1 answer

Grant Kerberos Ticket on successfull authentication against third party password store

I am currently building a system where I would like to deploy Kerberos. However my external constraints on the user management do not allow me to authenticate the users against Kerberos itself. I do have to authenticate the users against a third…

linux security ldap kerberos sasl

asked Dec 12 '15 at 22:52

Blackclaws

votes

1 answer

psql: duplicate GSS authentication request

What does it mean by saying 'duplicate' ? How to troubleshoot this? guest@www:~$ klist Ticket cache: FILE:/tmp/krb5cc_1000 Default principal: user/admin@SOHONET Valid starting Expires Service principal 12/11/2015 07:37:08 …

postgresql kerberos gssapi mitkerberos postgresql-9.1

asked Dec 11 '15 at 09:14

user319773

Prev 1 2 3

…

75 76 Next