Creating a keytab file for kerberos authentication on Linux

This guide was created on CentOS 6
You will need the krb5-workstation package installed

yum install krb5-workstation

Create a keytab file for kerberos authentication for the user testuser1:

[user1@vm01 ~]$ ktutil
	ktutil:  addent -password -p testuser1@CORP.COMPANY.NET -k 1 -e aes256-cts
  	Password for testuser1@CORP.COMPANY.NET: [enter your password]
  	ktutil:  wkt testuser1.keytab
  	ktutil:  quit 

Initialize the key tab file to retrieve the kerberos ticket:

[user1@vm01 ~]$ kinit testuser1@CORP.COMPANY.NET -k -t ./testuser1.keytab 

Verify the kerberos ticket has been initialized

[user1@vm01 ~]$ klist
Ticket cache: FILE:/tmp/krb5cc_16777216_kbQnZ2
Default principal: testuser1@CORP.COMPANY.NET

Valid starting     Expires            Service principal
10/22/14 07:23:58  10/22/14 17:23:58  krbtgt/CORP.COMPANY.NET@CORP.COMPANY.NET
	renew until 10/29/14 07:23:58

Applications which are running under the profile which the Kerberos ticket are initialized should now be able to use the Kerberos ticket.

reference: https://kb.iu.edu/d/aumh

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s