Sunday, March 17, 2024
KERBEROSserverstech

What is KERBEROS?

Spread the love
WHAT IS KERBEROS?

Kerberos is a protocol for legitimating the services requests between trusted hosts across the untrusted
network, such as the internet, Kerberos is built into all major operating systems, including Microsoft 
Windows, Apple OS X, FreeBSD, and Linux.

Users, machines, and services using Kerberos need only trust the KDC, which runs as a single process
and provides two services: an authentication service and a ticket granting service.
The second name for the Kerberos can be given as the solution to all problems of authentication

KERBEROS PROTOCOL

The Kerberos protocol relies heavily on an authentication technique that makes use of shared secrets.
The basic concept is quite simple: If a secret is known by only two people,
either person can verify the identity of the other by confirming that the other person knows the secret.

AUTHENTICATION AND REQUESTS METHODS

The Kerberos authentication method is not like username/password method. It uses symmetric encryption

and a trusted third party known as the Key Distribution Centre (KDC) to authenticate users to a suite of network services.

It sends a ticket specifically to the user’s machine when a user is authenticated by the KDC and ask for a 
password to authorize the access any kerberized service to which the user is authenticated.
Whenever the user needs access to a network service, the client software uses the TGT to request a 

new ticket for that specific service from the Ticket-granting Server (TGS). The service ticket is then used to authenticate the user to that service transparently.

TECHNOLOGIES BASED ON KERBEROS

Windows Server 2003 implements the Kerberos V5 authentication protocol as an SSP, which is a 
dynamic-link library (DLL) supplied with the operating system. The system uses the Kerberos SSP, 
Kerberos.dll, as its first choice for authentication. After the LSA establishes a security context for an 
interactive user, another instance of the Kerberos SSP can be loaded by a process running in the user’s 
security context in order to support the signing and sealing of messages.

About The Author

2 thoughts on “What is KERBEROS?

  • Hi, how are you? I didn’t anticipate to concur with your post, but you made some excellent points.

    Thanks!

  • Thanks for such an engaging post. I actually took pleasure in reading
    this.

Leave a Reply