Step by Step Guide to Setup Kerberos Server & Client on Ubuntu 20.04 LTS

Kerberos is a network authentication protocol. It is used for authentication purpose. It provides secure communication interface between server & client. It is used in POSIX authentication, Active Directory, NFS, and Samba.

Step 1 – Update the System.

apt-get update

Step 2 – Set the hostname on both server & client.

On Server,Provide the host-name.

hostnamectl set-hostname host-name server.host-name

On client System,Provide the host name.

hostnamectl set-hostname client.host-name

Open the host file on both server & client system.

vim /etc/hosts

Mention the following lines on both server & client system.

server-ip server.host-name

client-ip client.host-name

Step 3 – Install the Kerberos on server system.

apt-get install krb5-kdc krb5-admin-server krb5-config
  • Here is the Command Output.
  • Provide the Kerberos Realm (host-name).
  • Click ok.

  • Provide the kerberos server Realm (server.host-name).
  • Click Ok.

  • Provide the Administrative Server for kerberos Realm (server.host-name).
  • Click Ok.

  • Click Ok.

Step 4 – Configure the Kerberos Server.

krb5_newrealm
provide a secure password.

Step 5 – Add the admin user. Open file kadm5.acl.

vim /etc/krb5kdc/kadm5.acl

Mention the following line:

*/admin *

Add the admin user to the Kerberos database.

kadmin.local

Provide the admin user name & Password.

 

Restart the Kerberos server.

systemctl restart krb5-admin-server

Check Kerberos server status.

systemctl status krb5-admin-server

Here is the command output.

Step 6 – Install Kerberos Client on client system.

apt-get install krb5-user

Provide the Kerberos Realm (host-name).

Click ok.

Provide the kerberos server Realm (server.host-name).

Click Ok.

Provide the Administrative Server for kerberos Realm (server.host-name).

Click Ok.

Click Ok.

Step 7 – Login to the Kerberos server.Provide the admin user name & password.
kinit admin-user-name
Run the following command to get Ticket .
Klist
Check authentication.Run the following command on server system.
kadmin.local
Provide the admin-user name.
kadmin.local: getprinc admin-user-name

Its Done.

Leave a Reply

Your email address will not be published.