Skip to content Skip to navigation

Stanford Kerberos Authentication with CentOS/RedHat

Posted by: 

This howto is for Stanford System Administrators.

Kerberos Client Installation

  • Install the Kerberos client
    • rpm -install krb5-libs krb5-workstation pam_krb5
  • Create the krb5.conf file under /etc/krb5.conf. It can be found on the Leland servers under /etc/krb5.conf
  • Test if the Kerberos Client is working
    • Type kinit SUnetID. Where SUnetID is your own SUnetID.
    • Type klist to check if you Kerberos ticket was returned.

    Configure Kerberos Client

  • As a superuser type "setup"
    • A new windows called Choose a Tool appears
    • Select Authentication configuration
    • Select Use MD5 Passwords, Use Shadow Passwords, Use Kerberos
    • Click Next
    • The next window called Kerberos Settings should be auto populated. If not, check to ensure the /etc/krb5.conf file is correct compared with the Leland copy.
    • Click Ok
    • Click Quit
  • Create a new user with the username matching their SUnetID. You can create them a local account "shadow" password or not. If you create them a local password, than they have the option of either logging in with their SUnet password or their local account "shadow" password.