Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Kerberos - real world examples?

Tags:

security

kerberos

I know how Kerberos works and understand it purpose but I need some real world examples, where does it fit, and have you ever use it?

like image 225
dede Avatar asked Apr 15 '10 15:04

dede

People also ask

How is Kerberos used today?

Kerberos is used to authenticate entities requesting access to network resources, especially in large networks to support SSO. The protocol is used by default in many widely used networking systems. Some systems in which Kerberos support is incorporated or available include the following: Amazon Web Services.

Is Kerberos still used today?

Is Kerberos Obsolete? Kerberos is far from obsolete and has proven itself an adequate security-access control protocol, despite attackers' ability to crack it. The primary advantage of Kerberos is the ability to use strong encryption algorithms to protect passwords and authentication tickets.

What application uses Kerberos?

Perhaps the most widely know products which use Kerberos, are Microsoft Windows and Microsoft Active Directory. In a Microsoft network/domain, users authenticate using the Kerberos protocol when they logon to their Windows workstation.

Which services use Kerberos?

Initially developed by the Massachusetts Institute of Technology (MIT) for Project Athena in the late '80s, Kerberos is now the default authorization technology used by Microsoft Windows. Kerberos implementations also exist for other operating systems such as Apple OS, FreeBSD, UNIX, and Linux.

2 Answers

  • Windows 2000 and later use Kerberos as their default authentication method. Some Microsoft additions to the Kerberos suite of protocols are documented in RFC 3244 "Microsoft Windows 2000 Kerberos Change Password and Set Password Protocols". RFC 4757 documents Microsoft's use of the RC4 cipher. While Microsoft uses the Kerberos protocol, it does not use the MIT software.

  • Many UNIX-like operating systems, including FreeBSD, Apple's Mac OS X, Red Hat Enterprise Linux 4, Sun's Solaris, IBM's AIX, HP's OpenVMS, and others, include software for Kerberos authentication of users or services.

from wikipedia,

also if you visit http://www.kerberos.org/ , the Kerberos Consortium, they have a pdf document which has as sponsors:

  • Apple
  • Carnegie Mellon
  • Columbia
  • Cornell
  • Centrify Corporation
  • The United States DOD
  • Duke University
  • The Financial Services Technology Consortium
  • Google
  • Iowa State University
  • MIT
  • Michigan State
  • Microsoft
  • NASA
  • Pennsylvania State
  • Stanford University
  • Sun Microsystems
  • Team F1, inc.
  • The University of Michigan

Which shows that if implemented correctly, there are uses for it.

visit http://k5wiki.kerberos.org/wiki/Main_Page for more information on this consortium.

like image 135
Justin Gregoire Avatar answered Sep 27 '22 20:09

Justin Gregoire

The computer science department at my university uses it for authenticating users who are logging in to CS dept computers remotely (usually from outside the building or department network) over SSH.

like image 31
Matt Ball Avatar answered Sep 27 '22 20:09

Matt Ball
Sign in to Comment

Related questions

Complex Righty System: ACL, RBAC and more what?
How to avoid injection for sorting query by runtime value
Homoglyph attack detection in email phishing
Working against a Secure-Channel with Security-Exit using XMS .NET API
Is AWS, specifically the load balancer service affected by SSL "Heart Bleed" exploit? [closed]
Ruby - unsupported cipher algorithm (AES-256-GCM)
Can we force perl always use three argument form of open when running from command line?
Storing game preferences and saved games in a secure format
Error patching Magento 1.7.1 Hunk #1 Failed at
What makes a string / token cryptographically secure?
Is passing application configuration in stdin a secure alternative to environment variables?
SpringBoot multiple authentication adapter
How exactly does Json Web Token (JWT) reduce the man-in-the loop attack?
CORS: Why there aren't a pre-flight request for POST with Content-Type:text/plain
Is it safe to expose the AWS Cognito Ids?
How is a refresh token more secure than a long lived JWT?
Does disabling anonymous access in IIS create a security risk?
How to implement security component in Windows Forms?
Import RSA keys to iPhone keychain?
How to create a secure licensed Java EE application? [closed]

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!