Stack Exchange Network

Stack Exchange network consists of 174 Q&A communities including Stack Overflow, the largest, most trusted online community for developers to learn, share their knowledge, and build their careers.

Visit Stack Exchange

Questions tagged [kerberos]

Kerberos is a computer network authentication protocol which allows nodes communicating over a non-secure network to prove their identity to one another in a secure manner.

0
votes
0answers
18 views

Enroll MacOS 10.13 in FreeIPA domain?

I tried following this guide to enroll a mac on OS X 10.13.6 in my FreeIPA domain that all the linux machines on my home network are. All the steps worked, but I can't log in with any freeipa users ...
0
votes
1answer
23 views

Keytabs generation issue

I have troubles while creating keytabs for user. Keytabs are working only when I have rc4-hmac encryption enabled [root@host ~]# klist -kte test_user.keytab_rc4 Keytab name: FILE:test_user....
0
votes
1answer
31 views

ssh ProxyJump with Kerberos

There are two fine intermediary hosts between my workstation and where I need to end-up. I was attempting to use the ProxyJump configuration to make this connection, but it does not appear to work. ...
0
votes
1answer
20 views

Configuring Kerberos krb5.conf file to handle primary and a secondary 'cloned' domain

(Obligatory newbie prefix: never played much with Kerberos so treat me gently here!) We have two domains foo.local and .test. .test was cloned from foo.local and, once logged on to a server inside ....
2
votes
1answer
22 views

Can I use Kerberos for EAP without the RADIUS server getting anything but a ticket?

I would like to use Kerberos with FreeRADIUS, but I don't want FreeRADIUS to have access to any passwords (hashed or otherwise), especially because such passwords may not exist if smart card ...
0
votes
0answers
28 views

How to access NFSv4 shared folder with Kerberos authentication without root rights

I'm setting up a NFSv4 shared folder with Kerberos authentication. The issue I'm facing is that when the user on the client machine runs mount /mnt (see the fstab configuration below) he's not able to ...
0
votes
1answer
46 views

Kinit with systemd in user mode

I have created a keytab file under the user home directory $HOME/client.keytab. The authentication cache file is in it's default location /tmp/krb5cc_%U (where %U is the UID). Now, I have this simple ...
0
votes
0answers
34 views

SSHFS automount through FSTAB using Kerberos (GSSAPI)

Following from this Q&A, I have successfully installed and tested k5start to work with the Kerberos server of my university. My university uses a MIT Kerberos v5 server for authenticating tickets. ...
0
votes
0answers
28 views

remote desktop into centos using domain authentication

Trying to configure rpd into a gnome dekstop on top of centos for a practical in class... struggling to find directions that will use ADDS authorisation to allow users to log in. i have done this ...
0
votes
1answer
12 views

How to reinitizlize libpam-krb5 for kerberos

I ran the following: sudo apt install libpam-krb5 I made a mistake going through the wizard. How do i reinitialize the wizard? I tried sudo apt purge libpam-krb5 and then reinstalled and the wizzard ...
2
votes
1answer
42 views

Generation of SSHFP Records in FreeIPA

MY SETUP I have a cluster of machines running Centos 7.3, and I am using Kerberos / LDAP for authentication. Kerberos / LDAP are as packaged in FreeIPA 4.4.0. All hosts have an address on 192.168.1....
0
votes
1answer
40 views

Losing Kerberos Ticket after SSH to Current Host and Exit

I am running on CentOS 7.3. How may I prevent losing my Kerberos TGT in the scenario below? I understand the security implications of not destroying Kerberos tickets upon logout, and I will be ...
0
votes
0answers
73 views

Permission denied on NFSv4 shared directory with authentification with SSO (openLdap + Kerberos)

I'm trying to set up Single Sign On (SSO) with Kerberos and LDAP but I have an issue with NFSv4 with Kerberos for authentification and encryption (krb5p) service. My environnement: 1 server (...
1
vote
1answer
133 views

Setting Up a Keytab for a User Fails: “kinit: Password incorrect while getting initial credentials”

I have a cluster of machines running CentOS 7.3. Kerberos, DNS, LDAP, etc. are in use in a unified manner via the use of FreeIPA 4.4. I have a particular user that runs automated tests. Therefore, ...
0
votes
1answer
104 views

Change password on client with sssd kerberos and ldap

I have an error when I use passwd in ldap user session. I get: passwd: Authentication token manipulation error I check this link but it didn't help. In my cn=config/olcDatabase={1}mbd.ldif I ...

15 30 50 per page