= SSH and Kerberos =
This page describes how to tackle the issue of CS managed machines (e.g. hulk and rocky) not allowing you to login without a password via SSH.

Please note that all the tools are already configured on [[Bruce]], [[Rambo]] and [[Zarya]].

=== 1. Configure your OS ===
 * Configure CentOS 6: SshKerberosCentos6
 * Configure CentOS 5: SshKerberosCentos5
 * Configure Mac OS X: SshKerberosMac
 * More OSs coming soon...

=== 2. Use the Kerberos tools ===
==== Get a ticket ====
Whenever you would like to log in to CS managed machines (e.g. hulk, rocky) just open a terminal and enter:

{{{
kinit your_cs_id
}}}
This command will ask you for the password of ''your_cs_id'' and obtain a Kerberos ticket for the account ''your_cs_id''. Now you can login to the CS managed machines without using a password (provided that you are logging in as ''your_cs_id'', of course).

If you would like to manually specify the lifetime of the Kerberos ticket, you can do it with the -l switch:

{{{
kinit -l 30d your_cs_id
}}}
The command above will issue a ticket with a lifetime of 30 days for the username johns.

You can obtain a ticket for any username if you have a password for that usename (so my username is ''js'' on the local machine I can still obtain the ticket for my johns CS account).

==== Listing your tickets ====
You can list all of the tickets that you currently posses with the klist command:

{{{
klist
}}}
==== Deleting tickets ====
There may be a case when you do not need the Kerberos ticket any more and you want to delete. No problem, you can do this:

{{{
kdestroy
}}}