Open Source Kerberos Tooling
Overview
Source
KNC
Kharon
krb5_admin
krb5_keytab
k5ping
lnetd
prefork

The Open Source Kerberos Tools (OSKT) are a collection of programs and libraries that simplify the administration of Kerberos realms and aid in the development of Kerberised applications.

krb5_admin

is a replacement for kadmin/kadmind which provides extensible ACLs, a customisable command set, secure host key bootstrapping, self-service service key management, and self-service client ticket management.

krb5_keytab

manipulates keytabs by talking to krb5_admin. krb5_keytab simplifies the administration of keytabs, supports secure host key bootstrapping, allows for safe key rotation on a periodic basis, and supports clusters.

KNC (Kerberised NetCat)

is a tool which operates much like netcat but provides a secure transport substrate using GSS-API. KNC is used by the rest of OSKT but can be used independently to rapidly develop and deploy secure Kerberised applications. KNC provides a stable command line tool which can be used as either a client or a server, and there is a C library in development which can be directly linked to applications.

Kharon

is a framework for writing simple secure OO RPC applications in Perl. It is used as the basis for krb5_admin but can also be used to quickly develop arbitrary Kerberised Perl applications.

lnetd

is a command line tool which acts like inetd(8) but listens on UNIX domain sockets instead of INET sockets.

prefork

is a service which can be invoked from either inetd(8) or lnetd which manages a pool of preforked services.

License

All of the software is covered under a BSD/MIT style license.