| Kerberos |
|
|
|
|
|
|
|
|
|
|
|
|
|
| • | Stores
username/password pairs |
|||||||||||
| – | Usernames
are called principals |
|||||||||||
| – | Kerberos
database equivalent to /etc/shadow |
|||||||||||
| • | Passwords,
encrypted or not, are almost |
|||||||||||
| never
sent across the network |
||||||||||||
| • | Server
encrypts keys with user’s password, |
|||||||||||
| other
folks can’t decrypt/use them without |
||||||||||||
| the
password |
||||||||||||