Configuration Guide for Kerberos Client Products on HP-UX

Overview
Kerberos Overview
Kerberos is a mature network authentication protocol based on the RFC
1510 specification of the IETF. It is designed to provide strong
authentication for client or server applications by using shared
secret-key cryptography.
The basic currency of Kerberos is the ticket, which the user presents in
order to use a specific service. Each service, be it a login service or an
FTP service, requires a different kind of ticket. Fortunately, the
Kerberized applications keep track of all the various kinds of tickets, so
you don't have to.
You must authenticate yourself to the server by providing your user
name and password. In return, the Kerberos server gives you an initial
ticket, which you use to request additional tickets from the Kerberos
server for all the other services. For this reason, the initial ticket is also
often called the Ticket Granting Ticket (TGT).
Use the Kerberos protocol to secure the communication between the
client and server. Thus, client programs make authentication requests to
an authentication server, and server programs in turn service those
client requests. Based on your user credentials, the server program
grants or denies your request to access network applications and
services. The Kerberos server allows entities to authenticate themselves,
without having to transmit their passwords in clear text form over the
network.
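
The ticket flow described above, as an added example that is not part of the original guide: a toy model in which the client sends only its principal name, receives a TGT, and trades it for a per-service ticket. The cipher is a simplified stand-in for a real Kerberos encryption type, and every name here (KDC, seal, verify, the principals and the password) is hypothetical.

```python
import hashlib, hmac, json, os, time

# Toy authenticated encryption (HMAC-SHA256 keystream + tag), not a real Kerberos enctype.
def _ks(key, nonce, n):
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def seal(key, obj):
    nonce, pt = os.urandom(16), json.dumps(obj).encode()
    ct = bytes(a ^ b for a, b in zip(pt, _ks(key, nonce, len(pt))))
    return nonce + ct + hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()

def unseal(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    want = hmac.new(key, b"tag" + nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, want):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _ks(key, nonce, len(ct)))))

def password_key(user, password):  # long-term key; the password itself is never sent
    return hashlib.pbkdf2_hmac("sha256", password.encode(), user.encode(), 10_000)

def verify(ticket_key, ticket, authenticator):
    t = unseal(ticket_key, ticket)
    a = unseal(bytes.fromhex(t["key"]), authenticator)
    if a["client"] != t["client"] or abs(time.time() - a["ts"]) > 300:
        raise ValueError("authenticator rejected")
    return t

class KDC:
    def __init__(self, keys):
        self.keys = dict(keys, krbtgt=os.urandom(32))  # principal -> long-term key
    def _issue(self, ticket_key, reply_key, client):
        sk = os.urandom(32).hex()  # fresh session key, shared via two sealed copies
        return seal(ticket_key, {"client": client, "key": sk}), seal(reply_key, {"key": sk})
    def as_request(self, client):  # the request carries only the principal name
        return self._issue(self.keys["krbtgt"], self.keys[client], client)
    def tgs_request(self, tgt, authenticator, service):
        t = verify(self.keys["krbtgt"], tgt, authenticator)
        return self._issue(self.keys[service], bytes.fromhex(t["key"]), t["client"])

def client_get_service_ticket(kdc, user, password, service):
    tgt, reply = kdc.as_request(user)
    tgt_key = bytes.fromhex(unseal(password_key(user, password), reply)["key"])
    now = lambda k: seal(k, {"client": user, "ts": time.time()})  # authenticator
    ticket, reply = kdc.tgs_request(tgt, now(tgt_key), service)
    svc_key = bytes.fromhex(unseal(tgt_key, reply)["key"])
    return ticket, now(svc_key)
```

The service calls verify() with its own long-term key, so a ticket issued for one service cannot be opened by another, and a client with the wrong password cannot recover the session key from the KDC's reply.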