API tools faq
paste
wtmhahagd

summary of crap i learned today

wtmhahagd
Oct 6th, 2014
242
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 0.86 KB | None | 0 0
raw download clone embed print report
  1. kerberos uses two servers, an authentication server that gives you a key, and a ticket-granting server that requires the key before it gives you a ticket.
  2.  
  3. a principal is your ID. it has your username, your host name, and some other crap. it's kinda like a Hello My Name Is sticker
  4.  
  5. a ticket is a little timestamped file. without it you'd have to input a password with every command, but the (service? host?) looks for a ticket first.
  6.  
  7. a root principal is a sticker you apply over the "Hello My Name Is Fox" sticker that says "Hello My Name Is Root" - you get one (automatically?) if you're in the wheel/one of the sudoers/whatever
  8.  
  9. to get into LDAP, you use your Kerberos principal as "bind credentials" (basically only use this in the context of LDAP) and send it through SASL. SASL is a bit of code that LDAP uses to authenticate and if SASL is happy you can access LDAP.
Add Comment
Please, Sign In to add comment
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!