5 Network Authentication-Kerberos; Kerberos Terminology - Novell LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION Installation Manual
Hide thumbs
Also See for LINUX ENTERPRISE SERVER 10 SP2 - INSTALLATION AND ADMINISTRATION:
- Manual (184 pages) ,
- Supplementary manual (50 pages) ,
- Quick manual (12 pages)
Table of Contents
Advertisement
Network
Authentication—Kerberos
An open network provides no means to ensure that a workstation can identify its users
properly except the usual password mechanisms. In common installations, the user
must enter the password each time a service inside the network is accessed. Kerberos
provides an authentication method with which a user registers once then is trusted in
the complete network for the rest of the session. To have a secure network, the following
requirements must be met:
• Have all users prove their identity for each desired service and make sure that no
one can take the identity of someone else.
• Make sure that each network server also proves its identity. Otherwise an attacker
might be able to impersonate the server and obtain sensitive information transmitted
to the server. This concept is called mutual authentication, because the client au-
thenticates to the server and vice versa.
Kerberos helps you meet these requirements by providing strongly encrypted authenti-
cation. The following shows how this is achieved. Only the basic principles of Kerberos
are discussed here. For detailed technical instruction, refer to the documentation provided
with your implementation of Kerberos.
45.1 Kerberos Terminology
The following glossary defines some Kerberos terminology.
Network Authentication—Kerberos
45
841
Advertisement
Table of Contents
Troubleshooting
