Getting the TGT

• The user runs a program like kinit which sends a request to the Authentication Server for a ticket-granting-ticket (TGT).

• The AS creates a temporary session key (Ks1) and encrypts this with the client’s key (Kclient) which it gets from the Kerberos database

Previous slide

Next slide

Back to first slide

View graphic version