KERB Authentication

Kerberos is an authentication system developed at MIT. Encryption in Kerberos is based on DES.

Kerberos works by authenticating the user's login password. A user types the kinit command, which obtains a ticket that is valid for the time of the session (or eight hours, the default session time) from the authentication server. When the user logs out, the ticket can be destroyed using the kdestroy command.

The Kerberos server software is available from MIT Project Athena, and is not part of the SunOS software. SunOS software provides:

• Routines used by the client to create, acquire, and verify tickets

• An authentication option to Secure RPC

• A client-side daemon, kerbd

See the "Overview of Secure RPC" in System Administration Guide, Volume II for more details.