Kerberos – Create New User

I followed this tutorial and managed to install Kerberos on an AWS ubuntu box. I did not notice anything extra but until I need to create users.

In the origital Ubuntu environment, creating new users is nothing but two lines of code, useradd and passwd, this will create a new user and change the password if you have root access or the sudoer. However, in a Kerberized environment, you not only need to create a user at the Linux system level, but also need to create a principle in the Kerberos database and set up the password there.

Here is a screenshot of how to create a new user and the extra steps are simply login to the kerberos admin server and add the principals there. For some people, you might be wondering what those extra steps bring us, you are right, if you are talking about one machine, this will add zero benefit. However, consider you have a network of hosts/servers, when you change your password, do you really need to go to every machine and change them one by one? Having a centralized third party authentication software like Kerberos will totally save the time.


Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s