Passwords and Keys

• Kerberos has a one-way function that converts passwords into keys. You can get the key from the password but not the password from the key.

• This is similar to the way Unix passwords are stored in /etc/passwd.

• Using this function kinit gets a user’s key (Kclient) from their password when they enter it.

• Users’ keys are also stored in the Kerberos database where the KDC can access them.

Previous slide

Next slide

Back to first slide

View graphic version