It is simple to use Kerberos through the MIT Kerberos program. Click the Get Ticket button and log on to get a Kerberos ticket. This ticket is proof of your identity and allows you to access all of the network resources you are pemitted to use. For the most part, your tickets are passed on through the network without needing anything more from you.
Kerberos tickets do expire, usually after about the length of a working day.
Tickets |
---|
To keep passwords from being transmitted in the clear and to provide users the convenience of a single log-on to access multiple services and hosts, Kerberos uses the concept of tickets. Once a user provides a valid identity and password, Kerberos issues the user a ticket with a limited lifetime. In most cases the ticket then allows the user to access all of the servers and hosts he or she should be able to access, for the lifetime of the ticket. When you get tickets through Leash, Kerberos verfies that you are who you say you are by checking your user name and password and then gives you an initial ticket. When you access a service in your Kerberos realm, Leash passes your initial Kerberos ticket to the service. The service verifies the ticket and then issues you a service ticket that allows you access to that service. You don't have to worry about obtaining these new service tickets; they are automatically given to you. You can view service tickets with Leash but cannot directly obtain or destroy them. |