Kerberos Authentication | Information Technology | University of Pittsburgh

Kerberos Authentication

Kerberos is a protocol designed to allow secure authentication over a non-secure network. Pitt IT provides the Kerberos 5 realm UNIV.PITT.EDU to all University of Pittsburgh users for use in applications, logging on to workstations and servers, or any other service that supports Kerberos authentication. This can be used to authenticate any University of Pittsburgh user with an active University Computing Account.

To utilize the University of Pittsburgh's Kerberos 5 service, configure the system or application to use the realm UNIV.PITT.EDU (the capitalization is important) and look up the Key Distribution Centers (KDCs) via DNS. The example below shows a minimal configuration of krb5.conf for use with MIT's Kerberos client on Unix, Linux, or Apple's MacOS:


default_realm = UNIV.PITT.EDU

dns_lookup_kdc = 1