hide random home http://umbc7.umbc.edu/kerbdoc.html (PC Press Internet CD, 03/1996)
Kerberos Information

General Information on the

UMBC Kerberos Enviornment

Kerberos

Kerberos is a system that provides a more secure means of distributing passwords to networked machines, as well as enabling users to make use of authenticated services such as Zephyr.

To use kerberos, the user only has to log in. At this point, the user is given a "ticket" which will last up to 12 hours. This ticket is part of a cryptographic system that Kerberized programs will automatically use to validate the users identity. The current tickets can be viewed with the klist command: 

[user@umbc7] user>klist
Ticket file:    /tmp/tkt5176
Principal:      user@UMBC.EDU

  Issued           Expires          Principal
Aug 22 10:07:28  Aug 22 20:07:28  krbtgt.UMBC.EDU@UMBC.EDU
Aug 22 10:07:32  Aug 22 20:07:32  zephyr.zephyr@UMBC.EDU

In this instance, the user has their general ticket, and a Zephyr ticket (also automatic) which enables them to use the Zephyr messaging system.

Another command that is useful is the kinit command, which is needed for unauthenticated logins, or when a login session lasts longer than 12 hours. This will generate a new ticket that will last another 12 hours. 

[user@umbc7] user>kinit
UMBC (umbc7)
Kerberos Initialization
Kerberos name: user
Password:

At Umbc, the current Kerberos realm covers Umbc7, Umbc8, Umbc9, and the general student lab machines. This means that if a user has an account on both Umbc7 and Umbc8, their passwords will be the same between them, as they are part of the same realm. The user files, however, will still be independant as they are different machines.

Zephyr

Zephyr is a system that provides an Authentic means of passing messages to other users in the kerberos domain. To send a message, the user simply types zwrite username. For example: 

[user@umbc7] user>zwrite user
Type your message now.  End with control-D or a dot on a line by itself.
hi username..
.
user: Message sent
The message will either be written to the destination users current window, or a small window will be placed on their screen with the message, depending if they are logged on to a workstation/X Display or not.

Another useful zephyr command is znol which will automatically send you a zephyr message when another user logs in. 

[user@umbc7] user> znol -u myfriend

Other associated commands are: 

 zaway      - Mark when you are away and send a response to any zwrites
 zstat      - Return the current status of your zephyr session
 zctl       - Hide/Unhide/Destroy old zephyr locations
 zwgc       - Zephyr WindowGram server to receive zephyr messages

NOTES

The Kerberos and Zephyr commands are in a new location, and may not be part of many people's paths. The general files are in /usr/athena, which has the header files, libraries, and programs to run. The programs themselves are in /usr/athena/bin, and /usr/athena/etc.