chapter  14
16 Pages

Configuring Kerberos

Kerberos Overview You previously learned that Cisco supports RADIUS, TACACS+, and Kerberos for authentication. You covered RADIUS and TACACS+, so it is time for Kerberos. Kerberos is a secret-key network authentication protocol, developed in the mid-1980s at the Massachusetts Institute of Technology (MIT) and other Bostonbased educational institutions as part of Project Athena, that uses the Data Encryption Standard (DES) cryptographic algorithm for encryption and authentication. If you remember your Greek mythology, Kerberos (or Cerberus) is the three-headed dog guarding the gates to Hades. The three-headed part works in that the dog is a fierce animal looking all around to protect Hades. Let us hope, however, that your network is not like Hades! The designers intended Kerberos as a network authentication solution that provides secure single sign-on and a ticket granting service.