Summary
Kerberos is an extremely powerful tool for
centralizing authentication in a network. The protocol uses encryption and a
centralized user database to allow application servers and workstations to rely
on the main Kerberos server to handle authentication tasks. If used to its
fullest, the result is that users can log into any workstation and then use
network services within the network without providing a password again. Even
the initial password is never sent over the network, so the risk of passwords
being compromised is greatly reduced. The centralized user database also
greatly simplifies account maintenance.

There are several Kerberos implementations
available for Linux, some of which may be easier to use with any given
distribution than others. Configuring a Kerberos network requires installing at
least a subset of the Kerberos software on all computers. One system must be
configured as a key distribution center (KDC), which houses the user database. Servers
and workstations need Kerberized versions of their server and client programs,
respectively. If a single-login configuration is required, workstations require
modified login software. Although configuring this software can be tedious,
particularly if your distribution doesn't ship with appropriate Kerberos
packages, the benefits in security and centralized user administration can be
substantial in a mid-sized or large network.