Ubuntu 20.04 LTS configuring Kerberos client with PAM (take UNC Onyen server as an example)
It's hard to find an article showing how to configure a Kerberos client with PAM on Ubuntu 20.04 or higher. Here is the step-by-step tutorial
0. Update apt
sudo apt-get update
sudo apt-get upgrade
1. Install packages and configure Kerberos source
sudo apt-get install
krb5-user libpam-krb5
sudo vim /etc/krb5.conf
then input this and save:
=============================[libdefaults]
default_realm =
ISIS.UNC.EDU
[realms]
ISIS.UNC.EDU = {
kdc = krb3.unc.edu
kdc = krb2.unc.edu
kdc = krb1.unc.edu
kdc = krb0.unc.edu
admin_server =
krba.unc.edu
default_domain =
isis.unc.edu
}
[domain_realm]
.unc.edu = ISIS.UNC.EDU
=========================
2. Enable authentication via PAM
sudo pam-auth-update
Make sure you selected Kerberos authentication and do not select Unix
3. Verify the connection between Kerberos server
kinit OnyenName
4. Add users and verify the authentication
sudo adduser --home /path/to/home OnyenName
sudo login
Comments
Post a Comment