NOTE: 1) Ensure that DNS Server or '/etc/hosts' file is configured for the network.
2) Ensure that Time Synchronization is configured on all machines in the network.
Kerberos Realm: MYCOMPANY.COM
DNS Domain Name: mycompany.com
Kerberos Server: meru.mycompany.com
SSH Server: server1.mycompany.com
SSH Client: server2.mycompany.com
NOTE: All commands are to be executed as 'root' user.
1) Install packages.
[root@meru ~]# yum -y install krb5-server krb5-libs
2) Edit the file '/etc/krb5.conf'. Make the following changes.
default_realm = MYCOMPANY.COM
[realms]
MYCOMPANY.COM = {
kdc = meru.mycompany.com
admin_server = meru.mycompany.com
}
[domain_realm]
.mycompany.com = MYCOMPANY.COM
mycompany.com = MYCOMPANY.COM
3) Edit the file '/var/kerberos/krb5kdc/kdc.conf'. Make the following changes.
[realms]
MYCOMPANY.COM = {
#master_key_type = aes256-cts
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
supported_enctypes = aes256-cts:normal aes128-cts:normal des3-hmac- sha1:normal arcfour-hmac:normal camellia256-cts:normal camellia128-cts:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal
}
4) Open Firewall Ports. KDC - 88(tcp/udp) , kadmind - 749(tcp/udp)
[root@meru ~]# firewall-cmd --zone=public --add-service=kerberos --permanent
[root@meru ~]# firewall-cmd --zone=public --add-port=749/tcp --permanent
[root@meru ~]# firewall-cmd --zone=public --add-port=749/udp --permanent
[root@meru ~]# firewall-cmd --reload
5) Create Kerberos database that stores keys for the kerberos realm.
[root@meru ~]# kdb5_util create -s
6) Edit the file '/var/kerberos/krb5kdc/kadm5.acl'. This file is used by 'kadmind' to determine which principals have admin access to the kerberos database.
*/admin@MYCOMPANY.COM *
7) Create the first principal.
[root@meru ~]# kadmin.local -q "addprinc shabbir/admin"
8) Start Kerberos Service
[root@meru ~]# systemctl start krb5kdc
[root@meru ~]# systemctl start kadmin
[root@server1 ~]# yum -y install krb5-workstation krb5-libs
2) Copy the file '/etc/krb5.conf' from the Kerberos Server (meru.mycompany.com).
[root@server1 ~]# scp root@meru.mycompany.com:/etc/krb5.conf /etc/krb5.conf
3) Create host principal in the kerberos database and extract keys for the host.
[root@server1 ~]# kadmin -p shabbir/admin -w shabbir
kadmin: addprinc -randkey host/server1.mycompany.com
kadmin: ktadd host/server1.mycompany.com
kadmin: quit
4) Edit the file '/etc/ssh/sshd_config' and enable kerberos authentication.
KerberosAuthentication yes
KerberosTicketCleanup yes
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
5) Restart 'sshd' and make sure firewall port is open.
[root@server1 ~]# systemctl restart sshd
[root@server1 ~]# firewall-cmd --zone=public --add-service=ssh --permanent
[root@server1 ~]# firewall-cmd --reload
[root@server2 ~]# yum -y install krb5-workstation krb5-libs
2) Create user principal for user 'batul' in the kerberos database.
[root@server2 ~]# kadmin -p shabbir/admin -w shabbir
kadmin: addprinc batul
kadmin: quit
3) Copy the file '/etc/krb5.conf' from the Kerberos Server (meru.mycompany.com)
[root@server2 ~]# scp root@meru.mycompany.com:/etc/krb5.conf /etc/krb5.conf
4) Create user 'batul
[root@server2 ~]# useradd batul
[root@server2 ~]# passwd batul
5) Login as user 'batul' and obtain a ticket.
[root@server2 ~]# su - batul
[batul@server2 ~]$ kinit batul
6) View the ticket
[batul@server2 ~]$ klist
7) Log in to the SSH Server. (server1.mycompany.com)
[batul@server2 ~]$ ssh batul@server1.mycompany.com
8) After quitting the ssh session, destroy the ticket.
[batul@server2 ~]$ kdestroy
2) Ensure that Time Synchronization is configured on all machines in the network.
Kerberos Realm: MYCOMPANY.COM
DNS Domain Name: mycompany.com
Kerberos Server: meru.mycompany.com
SSH Server: server1.mycompany.com
SSH Client: server2.mycompany.com
Configure Kerberos Server:
NOTE: All commands are to be executed as 'root' user.
1) Install packages.
[root@meru ~]# yum -y install krb5-server krb5-libs
2) Edit the file '/etc/krb5.conf'. Make the following changes.
default_realm = MYCOMPANY.COM
[realms]
MYCOMPANY.COM = {
kdc = meru.mycompany.com
admin_server = meru.mycompany.com
}
[domain_realm]
.mycompany.com = MYCOMPANY.COM
mycompany.com = MYCOMPANY.COM
3) Edit the file '/var/kerberos/krb5kdc/kdc.conf'. Make the following changes.
[realms]
MYCOMPANY.COM = {
#master_key_type = aes256-cts
acl_file = /var/kerberos/krb5kdc/kadm5.acl
dict_file = /usr/share/dict/words
admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
supported_enctypes = aes256-cts:normal aes128-cts:normal des3-hmac- sha1:normal arcfour-hmac:normal camellia256-cts:normal camellia128-cts:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal
}
4) Open Firewall Ports. KDC - 88(tcp/udp) , kadmind - 749(tcp/udp)
[root@meru ~]# firewall-cmd --zone=public --add-service=kerberos --permanent
[root@meru ~]# firewall-cmd --zone=public --add-port=749/tcp --permanent
[root@meru ~]# firewall-cmd --zone=public --add-port=749/udp --permanent
[root@meru ~]# firewall-cmd --reload
5) Create Kerberos database that stores keys for the kerberos realm.
[root@meru ~]# kdb5_util create -s
6) Edit the file '/var/kerberos/krb5kdc/kadm5.acl'. This file is used by 'kadmind' to determine which principals have admin access to the kerberos database.
*/admin@MYCOMPANY.COM *
7) Create the first principal.
[root@meru ~]# kadmin.local -q "addprinc shabbir/admin"
8) Start Kerberos Service
[root@meru ~]# systemctl start krb5kdc
[root@meru ~]# systemctl start kadmin
Configure SSH Server:
1) Install packages.[root@server1 ~]# yum -y install krb5-workstation krb5-libs
2) Copy the file '/etc/krb5.conf' from the Kerberos Server (meru.mycompany.com).
[root@server1 ~]# scp root@meru.mycompany.com:/etc/krb5.conf /etc/krb5.conf
3) Create host principal in the kerberos database and extract keys for the host.
[root@server1 ~]# kadmin -p shabbir/admin -w shabbir
kadmin: addprinc -randkey host/server1.mycompany.com
kadmin: ktadd host/server1.mycompany.com
kadmin: quit
4) Edit the file '/etc/ssh/sshd_config' and enable kerberos authentication.
KerberosAuthentication yes
KerberosTicketCleanup yes
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
5) Restart 'sshd' and make sure firewall port is open.
[root@server1 ~]# systemctl restart sshd
[root@server1 ~]# firewall-cmd --zone=public --add-service=ssh --permanent
[root@server1 ~]# firewall-cmd --reload
Configure SSH Client:
1) Install packages[root@server2 ~]# yum -y install krb5-workstation krb5-libs
2) Create user principal for user 'batul' in the kerberos database.
[root@server2 ~]# kadmin -p shabbir/admin -w shabbir
kadmin: addprinc batul
kadmin: quit
3) Copy the file '/etc/krb5.conf' from the Kerberos Server (meru.mycompany.com)
[root@server2 ~]# scp root@meru.mycompany.com:/etc/krb5.conf /etc/krb5.conf
4) Create user 'batul
[root@server2 ~]# useradd batul
[root@server2 ~]# passwd batul
5) Login as user 'batul' and obtain a ticket.
[root@server2 ~]# su - batul
[batul@server2 ~]$ kinit batul
6) View the ticket
[batul@server2 ~]$ klist
7) Log in to the SSH Server. (server1.mycompany.com)
[batul@server2 ~]$ ssh batul@server1.mycompany.com
8) After quitting the ssh session, destroy the ticket.
[batul@server2 ~]$ kdestroy
SSN FULLZ AVAILABLE
ReplyDeleteFresh & valid spammed USA SSN+Dob Leads with DL available in bulk.
>>1$ each SSN+DOB
>>3$ each with SSN+DOB+DL
>>5$ each for premium fullz (700+ credit score with replacement guarantee)
Prices are negotiable in bulk order
Serious buyer contact me no time wasters please
Bulk order will be preferable
CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com
OTHER STUFF YOU CAN GET
SSN+DOB Fullz
CC's with CVV's (vbv & non-vbv)
USA Photo ID'S (Front & back)
All type of tutorials available
(Carding, spamming, hacking, scam page, Cash outs, dumps cash outs)
SQL Injector
Premium Accounts (Netflix, Pornhub, etc)
Paypal Logins
Bitcoin Cracker
SMTP Linux Root
DUMPS with pins track 1 and 2
WU & Bank transfers
Socks, rdp's, vpn
Php mailer
Server I.P's
HQ Emails with passwords
All types of tools & tutorials.. & much more
Looking for long term business
For trust full vendor, feel free to contact
CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com