Understanding Kerberos


Kerberos is a authentication protocol. Thus it is responsible to verify that you are the person you allege to be. It's main difference to the standard unix password checks is that it is a network protocol. So it can authenticate you remote. How does this work? A good explanaition is here:
Kerberos Explained, a more UNIX like explanation here: The Moron's Guide to Kerberos, but you also can check the documentation provided by your distribution. It's located at:
/usr/share/doc/krb5-server*/install-guide.ps.gz
/usr/share/doc/krb5-server*/admin-guide.ps.gz
But all you have to know at the moment is that you initially ask the kerberos server to give you a "ticket". Usually you get this ticket if you have provided a valid password. With this ticket, you can then authenticate to other computers, resources or services. So once you have the right ticket, you will not have to reenter your password. We'll look at that in more detail later.