Stanford Kerberos Authentication with CentOS/RedHat

This howto is for Stanford System Administrators.

Kerberos Client Installation

• Install the Kerberos client
• rpm -install krb5-libs krb5-workstation pam_krb5
• Create the krb5.conf file under /etc/krb5.conf. It can be found on the Leland servers under /etc/krb5.conf
• Test if the Kerberos Client is working
• Type kinit SUnetID. Where SUnetID is your own SUnetID.
• Type klist to check if you Kerberos ticket was returned.

Configure Kerberos Client

• As a superuser type "setup"
• A new windows called Choose a Tool appears
• Select Authentication configuration
• Select Use MD5 Passwords, Use Shadow Passwords, Use Kerberos
• Click Next
• The next window called Kerberos Settings should be auto populated. If not, check to ensure the /etc/krb5.conf file is correct compared with the Leland copy.
• Click Ok
• Click Quit
• Create a new user with the username matching their SUnetID. You can create them a local account "shadow" password or not. If you create them a local password, than they have the option of either logging in with their SUnet password or their local account "shadow" password.