ARCHIVED: At IU, in Gentoo Linux, how do I authenticate to the Kerberos realm (IU.EDU)?

This content has been archived, and is no longer maintained by Indiana University. Information here may no longer be accurate, and links may no longer be available or reliable.

To authenticate to the Kerberos realm at Indiana University (IU.EDU) using Gentoo Linux:

Note: You will need to be logged in as root for the following commands to work.

  1. Run the following command to install MIT Kerberos 5: 
      USE="-krb4" emerge mit-krb5
  2. Run the following command to install pam_krb5: 
      emerge pam_krb5
  3. Download the krb5.conf file at: 
      http://www.eyrie.org/~eagle/software/pam-krb5/
  4. Change the auth section of /etc/pam.d/system-auth to: 
      auth required /lib/security/pam_env.so
  auth sufficient /lib/security/pam_unix.so likeauth nullok
  auth sufficient /lib/security/pam_krb5.so use_first_pass
  auth required /lib/security/pam_deny.so

When you attempt to authenticate, PAM will first check the local /etc/passwd file for the correct password. If this check fails, PAM will then perform a check against one of the Kerberos servers. If the Kerberos check is successful, you will be allowed to log in.

To log into a workstation, you must have an existing local account.

At Indiana University, for personal or departmental Linux or Unix systems support, see Get help for Linux or Unix at IU.

This is document aqjc in the Knowledge Base.
Last modified on 2018-01-18 14:11:24.