Ensure the following packages are installed to handle Kerberos authentication and mounting CIFS filesystems:
|
1 |
apt install krb5-user cifs-utils keyutils |
Kerberos Ticket Initialization
Initialize the Kerberos ticket with the following command:
|
1 |
kinit yourname@yourdomain.com |
To verify the ticket’s validity and see details, use:
|
1 |
klist |
Manual Resource Mounting
To manually mount a CIFS resource, use the command below. Replace yourserver/yourresource and /your/mountpoint with the appropriate server address and local mount point:
|
1 |
mount -t cifs //yourserver/yourshare /yourmountpoint -o sec=krb5,cruid=0,uid=0,gid=0,vers=3.1.1,noperm,dir_mode=0777,file_mode=0777,iocharset=utf8 |
Auto-mounting via fstab
For persistent configuration that survives reboots, add the following entry to your /etc/fstab:
|
1 |
//yourserver/yourshare /yourmountpoint cifs sec=krb5,cruid=0,uid=0,gid=0,vers=3.1.1,noperm,dir_mode=0777,file_mode=0777,iocharset=utf8,_netdev,x-systemd.automount,x-systemd.requires=network-online.target 0 0 |
Summary
These settings are crucial for ensuring secure and reliable access to network resources using Kerberos on Linux systems. Always ensure your Kerberos tickets are valid and renew them as necessary. For any issues related to mounting or authentication, refer to the system logs or consult your system administrator.