A. Configuring Ingres to Use Kerberos
Share this page                  
Configuring Ingres to Use Kerberos
The Kerberos authentication mechanism can be used as an alternative to the INGRES or SYSTEM security mechanisms. Kerberos is a network authentication and encryption protocol that provides a highly secure alternative to operating system-level password authentication, and optionally allows encryption of the entire data stream exchanged between the DBMS server and client.
The INGRES and SYSTEM security mechanisms are called “static” mechanisms, because they are embedded in Ingres. The Kerberos security mechanism is called a “dynamic” mechanism, because it depends on third-party software that is dynamically loaded into Ingres executable images at runtime.
Kerberos is available as freeware from the Massachusetts Institute of Technology at http://web.mit.edu/kerberos/. Kerberos is also available commercially or may be available natively on certain operating systems, such as Linux. The MIT site contains extensive documentation on Kerberos installation and configuration.
The Ingres Kerberos driver references authentication and encryption routines in the Kerberos environment, most notably, the shared library or DLL containing GSS API authentication routines.