Currently, kerberized services do not make use of Pluggable
Authentication Modules (PAM) at all — a kerberized server bypasses
PAM completely. Applications that use PAM can make use of Kerberos for
password checking if the pam_krb5 module (provided
in the pam_krb5 package) is installed. The
pam_krb5 package contains sample configuration
files that allow services like login and
gdm to authenticate users and obtain initial
credentials using their passwords. If access to network servers is
always done using kerberized services or services that use GSS-API,
like IMAP, the network can be considered reasonably safe.

Careful administrators will not add Kerberos password checking to every
network service, because most of the protocols these services use send
the password over the network unencrypted, which is exactly the exposure
to avoid.
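
One way to check a host against this advice, as an added example that is not part of the original documentation: a small Python audit that lists which PAM services call pam_krb5 in their auth stack and marks for review those whose protocol usually carries the password in cleartext. The CLEARTEXT_SERVICES names, the function names and the sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile

# Assumption: PAM service names whose protocols usually carry the password
# in cleartext. Adjust to the services actually deployed on the host.
CLEARTEXT_SERVICES = {"ftp", "vsftpd", "telnet", "rlogin", "rsh", "rexec", "pop", "imap"}

def auth_modules(text):
    """Return the module names on the 'auth' lines of one /etc/pam.d file."""
    text = text.replace("\\\n", " ")            # join continued lines
    modules = []
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()    # drop comments
        # type  control (word or [bracketed])  module-path  [args...]
        m = re.match(r"-?(\w+)\s+(\[[^\]]*\]|\S+)\s+(\S+)", line)
        if m and m.group(1) == "auth":
            modules.append(os.path.basename(m.group(3)))
    return modules

def audit(pam_dir):
    """Map each service that uses pam_krb5 for auth to 'review' or 'ok'."""
    report = {}
    for service in sorted(os.listdir(pam_dir)):
        path = os.path.join(pam_dir, service)
        if not os.path.isfile(path):
            continue
        with open(path) as fh:
            if "pam_krb5.so" in auth_modules(fh.read()):
                report[service] = "review" if service in CLEARTEXT_SERVICES else "ok"
    return report

def demo():
    """Run the audit over constructed sample files (not from a real host)."""
    samples = {
        "login": "auth required pam_securetty.so\nauth sufficient pam_krb5.so\n",
        "ftp": "# constructed\nauth [success=1 default=ignore] \\\n"
               "  /lib/security/pam_krb5.so use_first_pass\n",
        "sshd": "auth required pam_unix.so\naccount required pam_krb5.so\n",
    }
    with tempfile.TemporaryDirectory() as d:
        for name, body in samples.items():
            with open(os.path.join(d, name), "w") as fh:
                fh.write(body)
        return audit(d)

if __name__ == "__main__":
    for svc, verdict in demo().items():
        print(f"{svc}: pam_krb5 in auth stack -> {verdict}")
```

Point audit() at /etc/pam.d on a real host; it does not follow include or substack lines, so shared stacks have to be checked separately.
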
The next section will describe how to set up a basic Kerberos server.