DRAFT: At IU, in Gentoo Linux, how do I authenticate to the Kerberos realm (IU.EDU)?
To authenticate to the Kerberos realm at Indiana University (IU.EDU) using Gentoo Linux:
Note: You will need to be logged in as root for the following commands to work.
- Run the following command to install MIT Kerberos 5: USE="-krb4" emerge mit-krb5
- Run the following command to install pam_krb5: emerge pam_krb5
- Download the
krb5.conffile at: http://www.eyrie.org/~eagle/software/pam-krb5/
- Change the
/etc/pam.d/system-authto: auth required /lib/security/pam_env.so auth sufficient /lib/security/pam_unix.so likeauth nullok auth sufficient /lib/security/pam_krb5.so use_first_pass auth required /lib/security/pam_deny.so
When you attempt to authenticate, PAM will first check
/etc/passwd file for the correct password. If
this check fails, PAM will then perform a check against one of the
Kerberos servers. If the Kerberos check is successful, you will be
allowed to log in.
To log into a workstation, you must have an existing local account.
At Indiana University, for personal or departmental Linux or Unix systems support, see At IU, how do I get support for Linux or Unix?
Last modified on September 23, 2009.