Now that you have a working Kerberos server, you need to populate it with a database of users and hosts. You also need to enable and start the services. In Kerberos, create principles for items such as users and hosts. Use the kadmin.local command to create principles for an admin user, an rhuser, and the rhhost2 client VM. Then, create a host specific keytab file and save it. The last thing to do is copy the Kerberos configuration file and the keytab file to rhhost2.
- [Instructor] Now let's create a Kerberos database.…To do so, we'll run the kdb5_util command.…In a terminal, type in sudo kd5_util create -s -r,…uppercase LOCALNET.COM.…Enter your password if prompted.…It will also prompt you to choose a master password.…Enter it twice and do not forget it.…
Now let's enable and start the services.…Type in clear and then hit enter.…Type in sudo systemctl enable kadmin and hit enter.…Bring your line back and change kadmin to krb5kdc…and hit enter.…This enables both the kadmin and krb5 kdc services.…Type in clear, then type in sudo systemctl start kadmin…and hit enter.…
Bring back your line again and change kadmin…to krb5kdc and hit enter again.…Let's now create a firewall rule…to allow incoming Kerberos connections.…Type in clear and then we'll type in sudo firewall-cmd…- -zone=public --permanent…- -add-service=kerberos, and hit enter.…Now we need to reload the firewall config.…
Type in sudo firewall-cmd --reload and hit enter.…We're now going to create some new principles.…To do so, we'll run the kadmin.local command.…
- Network Time Services (NTP)
- How NTP works for authentication
- Configuring the chrony server and chrony client
- Setting up an LDAP server and LDAP client
- Creating a Kerberos database
- Configuring Kerberos client authentication
Skill Level Intermediate
Linux: Package Management for CentOSwith Grant McWilliams1h 56m Intermediate
Linux System Engineer: Networking and SSHwith Grant McWilliams1h 52m Intermediate
1. Network Time Services
2. Setting Up an LDAP Server
3. Setting Up an LDAP Client
4. Authentication Using Kerberos
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.