In this tutorial I will show you how to install Kerberos server on Ubuntu 16.04.
sudo apt install krb5-kdc krb5-admin-server krb5-config -y
Enter your realm. I will use REALM.CA
Enter your servers. I will use localhost
Enter your administrative server. I will use localhost
Now you can click Ok and installation will continue.
Next we can create our new realm
sudo krb5_newrealm
Enter your password then confirm it.
Now we can edit our kadm5.acl to have admin. Uncomment “*/admin *”
sudo nano /etc/krb5kdc/kadm5.acl
Now we make our keytabs directory and grant the necessary permissions.
sudo mkdir -p /etc/security/keytabs/ sudo chown root:hduser /etc/security/keytabs sudo chmod 750 /etc/security/keytabs
Now we edit our krb5.conf file
sudo nano /etc/krb5.conf
Ensure it looks like the below
[libdefaults]
default_realm = REALM.CA
[realms]
REALM.CA = {
kdc = localhost
admin_server = localhost
}
[domain_realm]
.realm.ca = REALM.CA
realm.ca = REALM.CA
Now we can restart the kerberos services
sudo service krb5-kdc restart; service krb5-admin-server restart
Once you create a principal if when you attempt to use kadmin you get the error “GSS-API (or Kerberos) error while initializing kadmin interface”. Then do the following.
sudo RUNLEVEL=1 apt-get install rng-tools cat /dev/random | rngtest -c 1000 sudo apt-get install haveged cat /proc/sys/kernel/random/entropy_avail cat /dev/random | rngtest -c 1000 haveged -n 2g -f - | dd of=/dev/null
Uninstallation
sudo apt remove --purge krb5-kdc krb5-admin-server krb5-config -y sudo rm -rf /var/lib/krb5kdc
References
I used the following references as a guide.
http://blog.ruanbekker.com/blog/2017/10/18/setup-kerberos-server-and-client-on-ubuntu/
http://csetutorials.com/setup-kerberos-ubuntu.html
12 thoughts on “Kerberos Server Installation”
Comments are closed.