IT Infrastructure and Operations  
UNIX Infrastructure  
     
Authentication Mechanism  
 
Home
 
Core Components
Global Filesystem
Shared Applications
Common Login Environment
Authentication Mechanism
 
Core Services
Home Directory Space
Departmental Space
Course Space
Personal Web Space
 
Installation
AIX
Linux
Macintosh
Solaris
Windows Vista/XP/2000

What is the Authentication Mechanism?

Kerberos is a enterprise-level, secure authentication system. Under Kerberos, information obtained from your login (userid and password) is used to create a Kerberos ticket. This ticket is then sent to a secure, centralized database to check whether your ticket (and thus your login and password) is authentic. If an application understands Kerberos, it can use your Kerberos ticket to create other tickets that authenticate to remote services. This way tickets are sent over the network rather than your login and password.

The Kerberos realm ISIS.UNC.EDU and several Kerberized applications are maintained. In order to use these Kerberized applications, you will need to install the following file: /etc/krb.conf (given that an AFS client has already been installed). A standard file for use can be found at /afs/isis/pkg/heimdal/etc/krb.conf. You may copy this file to /etc/krb.conf, just make sure that you give root ownership and that you give everyone read-only permissions.

Both Kerberos 4 and Kerberos 5 are supported, but we are moving to a strict Kerberos 5 environment. For that reason it is encouraged that users set up their machines for Kerberos 5.

  Maintained by: brian_biswas@unc.edu