| Kerberos |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| | When
user authenticates, they are given a ticket |
||||||||||||
| | Tickets
are generally good for 8 hours |
||||||||||||
| | Useful
for things like authenticated NFS, IMAP, etc. |
||||||||||||
| | Kerberos
performs authentication, not |
||||||||||||
| authorization |
|||||||||||||
| | Kerberos
tells you if user claiming to be X really is or |
||||||||||||
| not |
|||||||||||||
| | It is
up to the client to decide if user X is allowed to do |
||||||||||||
| something |
|||||||||||||