Linux Kerberos Client Configuration
Kerberized clients are simpler to configure than KDCs or Kerberized application servers. Nonetheless, these tools do require some basic configuration to work. You may even need to track down Kerberized versions of clients for specific protocols, particularly if you want to use tools that aren’t provided with Kerberos. Once everything’s set up, you should know something about the basic Kerberos user management tools, because they control user access to the realm.
Preparing Kerberos Clients
main requirement for Kerberos client configuration is to set up the
Kerberos configuration file,
described earlier. Note that there’s no need for a
and, consequently, no need for a
file—even if you’re using MIT Kerberos.
You can mix and match an MIT Kerberos KDC with Heimdal clients, or a Heimdal KDC with MIT Kerberos clients. As described in the section Section 9.5, still other Kerberos implementations can interact with these common Linux Kerberos tools.
Because the Kerberos clients don’t maintain Kerberos
databases, you don’t need to use
set up local Kerberos databases on the clients. You do, though, need
to create principals for your users, as described earlier in this
Installing Kerberized Clients
Kerberized clients can be classified in two categories: those that ship with the main Kerberos package and third-party tools. The “official” Kerberized clients are those that ...