Kerberos Authentication | Information Technology | University of Pittsburgh

You are here

Kerberos Authentication

Kerberos is a protocol designed to allow secure authentication over a non-secure network. Pitt IT provides the Kerberos 5 realm UNIV.PITT.EDU to all University users for use in applications, logging on to workstations and servers, or any other service that supports Kerberos authentication. This can be used to authenticate any University of Pittsburgh user with an active University Computing Account.

To use Kerberos 5, configure the system or application to use the realm UNIV.PITT.EDU (in all caps) and look up the Key Distribution Centers (KDCs) via DNS. The example below shows a minimal configuration of krb5.conf for use with MIT's Kerberos client on Unix, Linux, or Apple's macOS:


default_realm = UNIV.PITT.EDU

dns_lookup_kdc = 1