Kerberos Client
This simple mini how-to goes over the configuration of a linux system so it can use a Kerberos Realm server for authentication.
-
Make sure you have the pam_krb5 rpm files installed. You can check this by running the
rpm -qa | grep pamcommand and seeing whether the pam_krb5 rpm files are listed. If they aren't, you can typically download them in an update of the Linux or Unix operating system that you are running. -
Add the line to the "/etc/pam.d/system-auth" part of the auth section of Kerberos. Add it after the "pam_unix.so" line:
auth sufficient /lib/security/pam_krb5.so use_first_pass forwardable -
Add the line to the "/etc/pam.d/system-auth" part of the password section of Kerberos. Add it after the "pam_unix.so" line:
password sufficient /lib/security/pam_krb5.so use_authtok -
Add the line to the "/etc/pam.d/system-auth" part of the session section of Kerberos. Add it after the "pam_unix.so" line:
session optional /lib/security/pam_krb5.so