![](/images/backgrounds/288365/hp-digital-netrider-users-manual-547426452x1.png)
Managing Kerberos
Managing KerberosIntroduction
This section describes Kerberos security features and explains how to configure and manage these features on the access server.
To use the procedures in this section, you must:
∙Ensure that the access server can communicate with a host running Kerberos V4 software.
∙Connect and test the devices.
∙Enable privileged status.
∙Configure the port and device characteristics to match.
Reference
Refer to the access server hardware documentation for information about connecting device cables. This section assumes that you have a basic understanding of Kerberos. Refer to Digital's Guide to Kerberos for more information.
Configuration PrerequisitesThis section describes the prerequisites for configuring the Kerberos security features on an access server.
Kerberos Host Requirements
∙To use Kerberos authentication, the access server must be able to communicate over the network with a host that functions as a Kerberos V4 key distribution center (KDC). The key distribution center is an ULTRIX or UNIX host that runs Kerberos software and contains a database of valid user names and passwords. The access server does not authenticate using the Kerberos V5 protocol.
∙To operate with the highest level of security, the access server must be registered with all KDCs within the Kerberos realms in which user authentication will take place. A realm refers to a group of hosts that share a common administrative domain for purposes of user authentication.
∙Each realm has one master KDC that contains a
A basic mode of operation is also available in which the access server does not need to be registered in any of the realms. This mode of operation is less secure, but easier to configure.