How many of you remember your Greek mythology?

Remember the three-headed dog with the serpent tail and the heads of snakes along its back?  Its name was Cerberus and his purpose was to guard the gates of Hades.

That is where the authentication and authorization system known as Kerberos gets its name from – Cerberus.

Kerberos was developed for MIT’s project Athena and has been around since the 1980s. Kerberos works by exchanging secret keys between servers, users, applications and services. Kerberos is currently shipped with all major operating systems and uses a system known as Key Distribution Center (KDC). This KDC could be a domain controller in Windows or a server setup on the network. Once a KDC server is setup it is then up to the clients to authenticate to the KDC server.

I don’t know if it is still the case but when you set up a Kerberos server on Red Hat Linux you had to ensure that the Kerberos server and its clients were time synchronized. If there was a discrepancy of greater than five minutes then the Kerberos clients would be unable to authenticate to the Kerberos server.

Continue reading What be the three-headed dog, Kerberos?