Difficulty: Beginner
Estimated Time: 10-20 minutes

This tutorial will guide you how to secure your Kerberos keytab files using Conjur Open Source

Conjur is an open source security service that integrates with popular tools to provide data encryption, identity management for humans and machines, and role-based access control for sensitive secrets like passwords, SSH keys, and web services ga

Wonderful! You have learnt how to use Conjur & Summon to secure your Kerberos Keytab files!

Securing Kerberos Keytab using Conjur & Summon

Step 1 of 4

Setup Kerberos

We will make use of the host as the client and create a container as Kerberos KDC

Install Kerberos Client

First, we install Kerberos client on the host

apt-get update
apt-get install -y krb5-user

Default Kerberos version 5 realm: CYBERARKDEMO.COM

Kerberos servers for your realm: localhost

Administrative server for your Kerberos realm: localhost

Setup Kerberos Server

Let's setup a Kerberos server on docker docker-compose -f docker-compose-krb5.yml up -d

Verify Setup

Let's try to logon as admin/[email protected]

kinit admin/[email protected]

Password for admin/[email protected]:5b1d328bc88b97356f406fab456b5a99

To verify the logged on principal, we can execute klist

Ticket cache: FILE:/tmp/krb5cc_0
Default principal: admin/[email protected]

Valid starting       Expires              Service principal
2018-12-14 14:10:16  2018-12-15 02:10:16  krbtgt/[email protected]
        renew until 2018-12-21 14:10:05