Museum

Home

Lab Overview

Retrotechnology Articles

⇒ Online Manual

Media Vault

Software Library

Restoration Projects

Artifacts Sought

Related Articles

acl_check(3krb)

des_crypt(3krb)

kerberos(3krb)

krb_get_lrealm(3krb)

krb_sendauth(3krb)

krb_sendmutual(3krb)

krb_set_tkt_string(3krb)

krb_svc_init(3krb)

krb.conf(5krb)

krb_slaves(5krb)

krb_dbase(5krb)

ext_srvtab(8krb)

kdb_destroy(8krb)

kdb_edit(8krb)

kdb_init(8krb)

kdb_util(8krb)

kdestroy(8krb)

kerberos(8krb)

kinit(8krb)

klist(8krb)

kprop(8krb)

kpropd(8krb)

kstash(8krb)

intro(3krb)

Name

intro − introduction to the Kerberos subroutines

Syntax

 #include <krb.h>

 #include <des.h>

 cc [ options ] files −lkrb −lknet
  −ldes −lacl [ libraries ]

Description

The Kerberos subroutines can provide for the authentication of and protection against the unauthorized modification of every message sent across a TCP/IP network from one application to another.  In addition, they provide a means to provide for the creation of access control lists (ACL) which an application can use with Kerberos authentication, to determine if another application is authorized to perform a particular action. 

The krb_svc_int(3krb) routines are designed to initialize the Kerberos libraries so that the other Kerberos routines can function properly. The krb_svc_init routines are used to contact a Kerberos server to obtain a ticket-granting ticket that can be used by the kerberos(3krb), krb_sendmutual(3krb), and krb_sendauth(3krb) routines. They also initialize pieces of Kerberos library data.  To use these routines, the libraries libkrb.a, libknet.a, and libdes.a must be linked with your application in the order listed.

The kerberos(3krb) routines krb_mk_req and krb_rd_req are designed to provide for the initial authentication of an application to another.  They are designed to be used with applications that support "on-the-wire" protocols in which authentication information can be placed.  The kerberos(3krb) routines krb_mk_safe and krb_rd_safe are designed to provide for the authentication of and protection against the modification of every message sent between two applications after the initial authentication message.  To use these routines, the libraries libkrb.a, libknet.a, and libdes.a must be linked with your application in the order listed.

The krb_sendmutual(3krb) routines are designed to provide for the mutual authentication of two applications after the initial authentication of one application, X to another, Y.  To provide mutual authentication, Y’s identity is proven by the krb_sendmutual routines to X.  To use these routines, the libraries libkrb.a, libknet.a, and libdes.a must be linked with your application in the order listed.

The krb_sendauth(3krb) routines are designed to provide both the initial authentication that krb_mk_req and krb_rd_req provide, as well as the mutual authentication of the krb_sendmutual routines.  The krb_sendauth routines are designed to be used with applications that do not have room in the protocols they support for authentication information.  To use these routines, the libraries libkrb.a, libknet.a, and libdes.a must be linked with your application in the order listed.

The krb_get_lrealm(3krb) routines are designed to provide information to the user about the Kerberos environment.  To use these routines, the library libkrb.a must be linked with your application.

The des_crypt(3krb) routines are designed to provide support for the above routines with respect to Data Encryption Standard (DES) keys.  The des_quad_cksum routine can be used to provide support for the authentication of and protection against the modification of every message sent between two applications after the initial authentication message.  It is designed to be used only with applications that have room in their "on-the-wire" protocol for authentication information.  To use these routines, the library libdes.a must be linked with your application.

The krb_set_tkt_string(3krb) routines are designed allow the user of the Kerberos libraries to modify some of the default settings of the Kerberos libraries.  To use these routines, the library libkrb.a must be linked with your application.

The acl_check(3krb) routines are designed to provide for the creation and use of access control lists (ACL).  After an application, X, correctly authenticates the identity of another, Y, the application X has the ability to assign access rights to Y, based on Y’s identity.  The routines above provide for the authentication of applications while the acl_check(3krb) routines provide the ability to store the access rights associated with each application.  To use these routines, the library libacl.a must be linked with your application.

Files

/usr/lib/libkrb.a

/usr/lib/libknet.a

/usr/lib/libdes.a

/usr/lib/libacl.a

See Also

All the other Kerberos reference pages:

acl_check(3krb)
des_crypt(3krb)
kerberos(3krb)
krb_get_lrealm(3krb)
krb_sendauth(3krb)
krb_sendmutual(3krb)
krb_set_tkt_string(3krb)
krb_svc_init(3krb)
krb.conf(5krb)
krb_slaves(5krb)
krb_dbase(5krb)
ext_srvtab(8krb)
kdb_destroy(8krb)
kdb_edit(8krb)
kdb_init(8krb)
kdb_util(8krb)
kdestroy(8krb)
kerberos(8krb)
kinit(8krb)
klist(8krb)
kprop(8krb)
kpropd(8krb)
kstash(8krb)

Typewritten Software • bear@typewritten.org • Edmonds, WA 98026