DefinitionTerm
Key distribution center that consists of a Kerberos
server and database program that is running on a
network host.
KDC
9
A term that describes applications and services that
have been modified to support the Kerberos credential
infrastructure.
Kerberized
A domain consisting of users, hosts, and network
services that are registered to a Kerberos server. The
Kerberos server is trusted to verify the identity of a
user or network service to another user or network
service.
The Kerberos realm name must be in all
uppercase characters.
Note
Kerberos realm
A daemon that is running on a network host. Users
and network services register their identity with the
Kerberos server. Network services query the Kerberos
server to authenticate to other network services.
Kerberos server
A password that a network service shares with the
KDC. In Kerberos 5 and later Kerberos versions, the
network service authenticates an encrypted service
credential by using the KEYTAB to decrypt it. In
Kerberos versions earlier than Kerberos 5, KEYTAB
is referred to as SRVTAB
11
.
KEYTAB
10
Also known as a Kerberos identity, this is who you
are or what a service is according to the Kerberos
server.
The Kerberos principal name must be in all
lowercase characters.
Note
Principal
A credential for a network service. When issued from
the KDC, this credential is encrypted with the
password shared by the network service and the KDC.
The password is also shared with the user TGT.
Service credential
A password that a network service shares with the
KDC. In Kerberos 5 or later Kerberos versions,
SRVTAB is referred to as KEYTAB.
SRVTAB
Ticket granting ticket that is a credential that the KDC
issues to authenticated users. When users receive a
TGT, they can authenticate to network services within
the Kerberos realm represented by the KDC.
TGT
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
982
Information About Kerberos
To Next Page
Loading...
Need help?
General
