Skip to content Skip to navigation

Kerberos for Sysadmins

Below are some instructions and additional information for (primarily UNIX) system administrators who have Kerberos installed on their systems. Windows system administrators may also wish to read some of this information, but it won't be directly applicable.

An Introduction to Keytabs

A list of the major types and uses of keytabs at Stanford, the common types that you may need for your system, and how to request and maintain them.

Downloading Keytabs with the Wallet

Stanford uses a system called the wallet for managing secure keys for systems, including Kerberos keytabs. This documentation explains where to find the wallet client, how to use it to download a keytab, and how to look at other metadata for objects stored in the wallet. It also contains debugging suggestions if the wallet client isn't working.

Kerberos and Firewalls

Information about the ports used by Kerberos, the servers systems must be able to talk to for Kerberos authentication, and other Kerberos-related firewall concerns.

Kerberos xinetd Configuration

xinetd is widely used by Linux distributions (and occasionally used by other versions of UNIX) for running services such as the Kerberos servers for rlogin, rsh, and rcp. Here are sample xinetd configuration files for those services.

Last modified April 16, 2013