Mr. Leipold explains what Kerberos is and why you want to use it.
Tie Some Loose Ends

Let us tie up a few loose ends: you should be aware that changing telnetd -a valid to telnetd -a user will allow users to login without authentication. If they don't run kinit, they won't even get a login prompt if you use telnet -a valid. Remember, since the passwords are stored on your KDC, make sure no one breaks into it; otherwise, they will have access to all the machines to which the KDC grants access. Get to know the terms principal, realm, kdc, etc.—almost anything you come across will use them.

Now What?

Well, you most likely feel I've left out a lot—and you are right, I have. There is plenty more to learn and plenty more to try. The MIT webpage has tons of links to more information. Of course, you can always e-mail me and ask me, and I'll try to answer you quickly.

Cosimo Leipold ( is a student at Northwestern University who has nothing better to do than learn UNIX. He now works for the Kellogg Graduate School of Management as a System Administrator. He lives with his love Chiara, who says he's a dork.