KDC
- 网络密钥分发中心(Key Distribution Center);密钥分配中心;密钥发行中心
KDC
KDC
密钥分发中心(Key Distribution Center)
使用密钥分发中心 (KDC) (kpasswd) 的密码值来更改登录的用户的密码。有关如何使用此命令的示例,请参阅示例。
密钥分配中心
方,即密钥分配中心(KDC)?KDC可以看作是一个秘密密钥源,与 DES一起使用;也可以是一个公开密钥源?Kerberos就建立在这个 …
密钥发行中心
此策略设置确定密钥发行中心 (KDC) 是否根据用户帐户的用户权限策略来验证会话票证的每个请求。验证会话票证的每个请求 …
Key Distribution Center——Kerberos
KDC(Kerberos Key Distribution Center——Kerberos密钥发布中心)服务主要同Kerberos认证协议协同使用,用于在整个活动 …
1
The KDC supplies the ME with single-sign-on credentials in the form of a Key Encryption Key (KEK).
所述KDC向所述ME提供密钥加密密钥(KEK)形式的单点登录证书。
2
The following steps are required on both the KDC machines to set up an inter-realm between the two realms that have been configured so far.
下面的步骤是在两个领域(到目前为止已经配置的领域)之间设置跨领域配置时,在两个KDC计算机中所需采取的步骤。
3
KDC is responsible for key distribution and all the authentication processes which may take place in the network.
KDC负责密钥分发和可能在网络上发生的所有身份验证过程。
4
Since the slave KDC is meant for backing up the master KDC in an emergency, the slave KDC might need to use the read-write copy.
因为从KDC用于在紧急情况下替代主KDC,所以从KDC可能需要使用可读写拷贝。
5
You've got the valid credentials from KDC for principal name sandeep, so let's try to log in as principal root, as shown in Listing 3.
您已经从KDC获得了主体名sandeep的有效凭据,所以让我们来尝试以主体root用户进行登录,如清单3所示。
6
For a KDC in one realm to authenticate Kerberos users in a different realm, it must share a key with the KDC in the other realm.
如果一个领域中的KDC要对另一个领域中的Kerberos用户进行身份验证,它就必须与另一个领域中的KDC共享密钥。
7
The figure below provides an overview of the communication between the client, application server and the KDC during authentication.
下面是一个概览图,展示了客户机、应用服务器和KDC在身份验证期间的通信。
8
Please note KDC is configured to support encryption types which are a variant of des-cbc-crc, as it works well with OpenAFS.
请注意,KDC被配置为支持des-cbc-crc变体的这些加密类型,因为des-cbc-crc非常适用于OpenAFS。
9
Administrators with a hybrid environment can benefit from a single IBM NAS KDC on AIX for authentication across different platforms.
在混合环境中,可以使用单个AIXIBMNASKDC进行不同平台的身份验证,管理员将可以从中受益。
10
In this type of scenario, users authenticate once to the KDC, and then their authentications are valid for a predetermined time period.
在这种情况下,用户只需一次性通过KDC身份验证,然后其身份验证信息就会在预定义的时间段内有效。
11
As I am not interested in using any of the KDC options, I don't need to do any logical processing to author the kdc-options field.
因为我不想使用任何KDC选项,所以我不需要对生成kdc-options字段进行任何逻辑处理。
12
This message is directed to the KDC component known as Authentication Server (AS).
这个消息指向称为身份验证服务器(AuthenticationServer,AS)的KDC组件。
13
In this article, you have examined all the necessary steps required to set up the IBM NAS KDC and administration discovery using TDS.
在本文中,您研究了使用TDS进行IBMNASKDC和管理服务器发现所需的所有配置步骤。
14
The KDC was unable to generate a referral for the service requested.
KDC无法为要求的服务生成参照。
15
This makes it very important that the KDC database is not compromised because otherwise it becomes a single point of failure.
因此KDC数据库绝对不能泄漏,否则它就会成为一个单点故障,这一点非常重要。
16
Fix: Verify whether the server service principal name and client principal name are in the KDC database.
解决方案:检查服务器服务主体名和客户机主体名是否存储在KDC数据库中。
17
The KDC failed to update the trusted domain list. The error is in the data.
KDC无法更新受新任域列表。错误在数据中。
18
A simple Kerberos configuration is a realm definition, which includes KDC server, kadmind server (optional) and clients.
一种简单的Kerberos配置是一个域定义,其中包含KDC服务器、kadmind服务器(可选)和客户端。
19
To configure the NAS KDC server to use the legacy database, use the following command, as shown in Listing 3 .
要将NASKDC服务器配置为使用遗留数据库,可以使用下面的命令,如清单3中所示。
20
Edit the kdc. conf file to reflect the encryption types required by all the clients and relevant principals.
编辑kdc.conf文件,反映所有客户端和相关主体所需的加密类型。
21
kinit: This utility obtains the name and port of the KDC from the LDAP server.
kinit:这个实用工具可以从LDAP服务器中获得KDC的名称和端口号。
22
On a non-KDC-enabled system (not a domain controller), the KDC service startup type is disabled.
在不支持KDC的系统(非域控制器)上,KDC服务启动类型被禁用。
23
Note: There is no "kdc" or "admin_server" entry for this type of configuration under the [realm] stanza, unlike in the default case.
注意:与缺省情况不同的是,对于这种配置类型,在[realm]节之下没有相应的“kdc”或者“admin_server”条目。
24
The client principal name and client host principal name should be in the KDC database.
客户机主体名和客户机主机主体名必须在KDC数据库中。
25
The example KDC setup below shows the steps needed to set up an MIT Kerberos authentication system.
下面的示例KDC设置展示了设置MITKerberos身份验证系统所需的步骤。
26
Receiving the reply from KDC, client then decrypts the message using its own secret key.
客户端接收KDC的回复,然后使用自己的秘密密钥解密消息。
27
After changing the kdc. conf file, the Kerberos server must be restarted.
在修改kdc.conf文件之后,必须重新启动Kerberos服务器。
28
Only one conifig. krb5 command on the slave KDC, and that is all.
只需要在从KDC上运行一个conifig.krb5命令,仅此而已。
29
Therefore, securing the KDC is of paramount importance.
因此,保证KDC的安全至关重要。
30
Use this utility to setup a realm entry for a Kerberos V5 realm by defining a list of KDC servers and "kpasswd" server for the realm.
使用此工具,通过为领域定义KDC服务器列表和“kpasswd”服务器,可为KerberosV5领域设置领域条目。