大資料實戰(八十二):電商數倉(六十六)安全之Kerberos安全認證(二)Kerberos資料庫操作
阿新 • • 發佈:2020-08-28
1 登入Kerberos資料庫
1)本地登入(無需認證)
[root@hadoop102 ~]# kadmin.local
Authenticating as principal root/[email protected] with password.
kadmin.local:
2)遠端登入(需進行主體認證,先認證剛剛建立的管理員主體)
[root@hadoop103 ~]# kadmin
Authenticating as principal admin/[email protected] with password.
Password for admin/[email protected]:
kadmin:
退出輸入:exit
2 建立Kerberos主體
[root@hadoop102 ~]# kadmin.local -q "addprinc atguigu/atguigu" Authenticating as principal root/[email protected] with password. WARNING: no policy specified for atguigu/[email protected]; defaulting to no policy Enter password for principal "atguigu/[email protected]": (輸入密碼) Re-enter password for principal "atguigu/[email protected]": (輸入密碼) Principal "admin/[email protected]" created.
3 修改主體密碼
[root@hadoop102 ~]# kadmin.local -q "cpw atguigu/atguigu" Authenticating as principal root/[email protected] with password. Enter password for principal "atguigu/[email protected]": (輸入密碼) Re-enter password for principal "atguigu/[email protected]": (輸入密碼) Password for "atguigu/[email protected]" changed.
4 檢視所有主體
[root@hadoop102 ~]# kadmin.local -q "list_principals" Authenticating as principal root/[email protected] with password. K/[email protected] admin/[email protected] atguigu/[email protected] kadmin/[email protected] kadmin/[email protected] kadmin/[email protected] kiprop/[email protected] krbtgt/[email protected]