Differences
This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision | ||
linux_wiki:configure_a_system_to_authenticate_using_kerberos [2016/10/08 17:49] billdozor |
linux_wiki:configure_a_system_to_authenticate_using_kerberos [2019/05/25 23:50] (current) |
||
---|---|---|---|
Line 12: | Line 12: | ||
* server1.example.com (192.168.1.150) -> Client for kerberos authentication | * server1.example.com (192.168.1.150) -> Client for kerberos authentication | ||
* ipa.example.com (192.168.1.152) -> FreeIPA server/ | * ipa.example.com (192.168.1.152) -> FreeIPA server/ | ||
+ | |||
+ | ---- | ||
+ | |||
+ | ====== Help ====== | ||
+ | |||
+ | Finding help in this section. | ||
+ | * authconfig help, filter for krb<code bash> | ||
---- | ---- | ||
Line 39: | Line 46: | ||
**Option 1**: Use authconfig to enable kerberos< | **Option 1**: Use authconfig to enable kerberos< | ||
+ | * Note: If you get this message: " | ||
+ | * You did not install " | ||
+ | \\ | ||
**Option 2**: Use authconfig-tui to enable kerberos | **Option 2**: Use authconfig-tui to enable kerberos | ||
* Open authconfig-tui< | * Open authconfig-tui< | ||
Line 50: | Line 60: | ||
* Admin Server: ipa.example.com | * Admin Server: ipa.example.com | ||
* Ok | * Ok | ||
+ | |||
+ | ===== Add Client Host to The Kerberos Server ===== | ||
+ | |||
+ | The kerberos server (KDC) must have an entry for the client host. | ||
+ | |||
+ | A kerberos client keytab (containing client host identification) will probably be provided in the exam. | ||
+ | |||
+ | For lab purposes, you may need to add the client and generate a keytab. | ||
+ | |||
+ | [[linux_wiki: | ||
---- | ---- | ||
Line 55: | Line 75: | ||
====== Test The Client ====== | ====== Test The Client ====== | ||
- | * Login as a LDAP user< | + | * Login as a LDAP user< |
- | * Get a kerberos ticket< | + | * Get a kerberos ticket< |
* View ticket< | * View ticket< | ||
* SSH to another system< | * SSH to another system< |