https://en.wikipedia.org/wiki/Kerberos_(protocol)
![]()
KDC = Key Distribution Center
TGT = Ticket-Getting Ticket
AS = Authorization Server
ST = Service Ticket
TGS = Ticket Granting Service
SPN = Service Principal Name
1) AS-REQ / AS-REP : user logs in, using key in keytab file he authenticates in AS/KDC. AS/KDC checks if user exists in its DB. User gets a TGT (time limited)
2) user
Kerberos uses a keytab file https://kb.iu.edu/d/aumh
KDC = Key Distribution Center
TGT = Ticket-Getting Ticket
AS = Authorization Server
ST = Service Ticket
TGS = Ticket Granting Service
SPN = Service Principal Name
1) AS-REQ / AS-REP : user logs in, using key in keytab file he authenticates in AS/KDC. AS/KDC checks if user exists in its DB. User gets a TGT (time limited)
2) user
Kerberos uses a keytab file https://kb.iu.edu/d/aumh