Glossary
- default principal
- Your default principal is the one whose tickets are used when an application or service asks for tickets without specifying which principal is being authenticated. If you have only one principal, that principal is always the default.
About: Default Principals
- domain
- In Windows, realms are called domains.
About: Kerberos Terminology (Realms)
- encryption key
- A value that a specific code or algorithm uses to make information unreadable to anyone without a matching key.
- encryption type
- The type of encryption used to encode your tickets and session keys. You can show the encryption types used for your tickets and session keys by selecting that option in the View Options panel in the Options tab.
How to: Use View Options Panel
- expiration alarm
- Optional audible alarm that warns you 15, 10, and 5 minutes before your tickets expire. Turn the alarm on or off in the Ticket Options panel in the Options tab.
How to: Use the Ticket Options Panel
- flags
- Properties (renewable and/or forwardable) assigned to a ticket when you obtain it. Show or hide flags with the View Options panel in the Options tab.
How to: Use View Options Panel
About: Ticket Settings and Flags
- forwardable
- Tickets flagged as forwardable when you obtain them can be forwarded to the remote host when you connect via telnet, ssh, ftp, rlogin, or similar applications, so you will not need to get new tickets to use remote services.
About: Ticket Settings and Flags
- issued
- The date and time that your tickets were issued. Show or hide this information with the View Options panel in the Options tab.
How to: Use View Options Panel
- krbtgt
- The Kerberos Ticket Granting Ticket. If you click on a principal in the main window, you will see all of that principal's tickets. The first one will be for krbtgt because with Kerberos you first obtain a Ticket Granting Ticket that is then used to obtain Service Tickets for each service you use.
About: Kerberos Terminology (Tickets)
- principal
- A unique identity in Kerberos. For users, it is the identity you use to log on with Kerberos. Principals are a combination of your user name and the name of the realm you belong to.
About: Principals
- realm
- Kerberos realms are a way of logically grouping resources and identities that use Kerberos. Your realm is the home of your Kerberos identity and your point of entry to the network resources controlled by Kerberos. In Windows, realms are called domains.
About: Kerberos Terminology (Realms)
- renewable until
- The date and time after which your renewable tickets cannot be renewed any more. Show or hide this information with the View Options panel in the Options tab.
How to: Use View Options Panel
- RSA SecurID
- A method of using two-factor authentication to control user access to network resources. The two authentication factors are something the user knows (a secret PIN) and something the user has (an automatically generated code displayed either on a special device or on a device the user already owns, such as a phone). If your company uses RSA SecurID, you will need to enter your SecurID password after you use your Kerberos password to submit a Get Ticket request.
How to: Get tickets
- SecurID
- See RSA SecurID
- session key
-
A key used to encrypt and decrypt communications between computers. View the encryption type of your session keys by selecting Encryption Type in the View Options panel in the Options tab.
How to: Use View Options Panel
About: Encryption Types
- ticket
- Obtain your ticket by entering your user name and password. The ticket is an encrypted block of data that authenticates you to the group of network resources using Kerberos, allowing you to access those resources for the lifetime of the ticket.
About:Tickets
- valid until
- The date and time your ticket will expire. Show or hide this information with the View Options panel in the Options tab.
How to: Use View Options Panel