Ubuntu 20.04 LTS configuring Kerberos client with PAM (take UNC Onyen server as an example)

It's hard to find an article showing how to configure a Kerberos client with PAM on Ubuntu 20.04 or higher. Here is the step-by-step tutorial 

0. Update apt

sudo apt-get update

sudo apt-get upgrade

1. Install packages and configure Kerberos source

sudo apt-get install krb5-user libpam-krb5

sudo vim /etc/krb5.conf

then input this and save:

=============================

[libdefaults]

default_realm = ISIS.UNC.EDU

[realms]

ISIS.UNC.EDU = {

kdc = krb3.unc.edu

kdc = krb2.unc.edu

kdc = krb1.unc.edu

kdc = krb0.unc.edu

admin_server = krba.unc.edu

default_domain = isis.unc.edu

}

[domain_realm]

.unc.edu = ISIS.UNC.EDU

=========================

2. Enable authentication via PAM

sudo pam-auth-update

Make sure you selected Kerberos authentication and do not select Unix

3. Verify the connection between Kerberos server

kinit OnyenName

4. Add users and verify the authentication

sudo adduser --home /path/to/home OnyenName

sudo login

Comments

Popular posts from this blog