Kerberos is a security mechanism implemented on all CSG supported Linux systems. It provides a higher level of security than previously available on Linux machines since passwords are not stored in any place or in any form that is accessible by persons who may wish to crack them.

Kerberos authenticates users and their access to network services by providing a ticket-granting service. When you log in to a Linux machine you will be given a ticket-granting ticket - a ticket which gives you access to the ticket-granting service. This ticket lasts for eight hours. When you then wish to use any services Kerberos will use this initial ticket to authenticate you to the service. In conjunction, the service will authenticate itself to you. But don't worry about any of this - it is all completely transparent and you shouldn't be aware of it happening.

If you want to see what tickets you have, type:

klist

kinit

kdestroy

© CSG / 2001 / help@doc.ic.ac.uk /