You are here

Kerberos for Ubuntu

Printer-friendly versionPrinter-friendly version

Note: It is assumed that you are already connected to the internet when following these steps.

Installing Kerberos

  • Open a terminal by opening the dash, and searching for 'terminal'.

    Launch terminal

  • Run the command
    user@ubuntu:~$ sudo apt-get install krb5-user
  • Enter your local account password. When prompted to continue, press Y and then Enter.


  • You will be asked to enter a default Kerberos 5 realm. Enter INF.ED.AC.UK (all caps).


  • Press Enter. Installation should complete itself from this point on.

Using Kerberos

To use Kerberos authenticated services, you first need to obtain a ticket using the kinit command. Tickets will be destroyed when you restart your computer, when you run the command kdestroy, or when they expire. You will need to run kinit again after any of these occur.

  • Run the command kinit followed by your DICE username, e.g.
    user@ubuntu:~$ kinit fred
    Password for fred@INF.ED.AC.UK: 

    Enter your DICE password and press enter. If successful, the command will return no output.
    Note: If you have another realm set up as your default, append @INF.ED.AC.UK to your username

    The kinit command accepts a number of options to modify how long your ticket lasts, how long it can be renewed for, and options for forwarding and proxying. For further details: man kinit

  • To check, list, or show all your tickets, run the command klist:
    user@ubuntu:~$ klist
    Ticket cache: FILE:/tmp/krb5cc_1000
    Default principal: fred@INF.ED.AC.UK
    Valid starting     Expires            Service principal
    08/02/16 17:54:43  09/02/16 17:54:39  krbtgt/INF.ED.AC.UK@INF.ED.AC.UK

What now?

Now that you have configured Kerberos, you may want to:

Configure and use SSH with Kerberos
Configure OpenAFS
Configure Firefox and Chrome for single-sign-on with our Cosign service

Last reviewed: 

System Status

Home dirs (AFS)
Other services
Scheduled downtime

Choose a topic