System Administration Guide: Security Services

ticket

An information packet that is used to securely pass the identity of a user to a server or service. A ticket is valid for only a single client and a particular service on a specific server. A ticket contains the principal name of the service, the principal name of the user, the IP address of the user's host, a timestamp, and a value that defines the lifetime of the ticket. A ticket is created with a random session key to be used by the client and the service. Once a ticket has been created, it can be reused until the ticket expires. A ticket only serves to authenticate a client when it is presented along with a fresh authenticator. See also authenticator, credential, service, session key.

ticket file

See credential cache.

TGS

Ticket-Granting Service. That portion of the KDC that is responsible for issuing tickets.

TGT

Ticket-Granting Ticket. A ticket that is issued by the KDC that enables a client to request tickets for other services.

user principal

A principal that is attributed to a particular user. A user principal's primary name is a user name, and its optional instance is a name that is used to described the intended use of the corresponding credentials (for example, joe or joe/admin). Also known as a user instance. See also service principal.

VPN

Virtual Private Network. A network that provides secure communication by using encryption and tunneling to connect users over a public network.


	ticket An information packet that is used to securely pass the identity of a user to a server or service. A ticket is valid for only a single client and a particular service on a specific server. A ticket contains the principal name of the service, the principal name of the user, the IP address of the user's host, a timestamp, and a value that defines the lifetime of the ticket. A ticket is created with a random session key to be used by the client and the service. Once a ticket has been created, it can be reused until the ticket expires. A ticket only serves to authenticate a client when it is presented along with a fresh authenticator. See also authenticator, credential, service, session key. ticket file See credential cache. TGS Ticket-Granting Service. That portion of the KDC that is responsible for issuing tickets. TGT Ticket-Granting Ticket. A ticket that is issued by the KDC that enables a client to request tickets for other services. user principal A principal that is attributed to a particular user. A user principal's primary name is a user name, and its optional instance is a name that is used to described the intended use of the corresponding credentials (for example, `joe` or `joe/admin`). Also known as a user instance. See also service principal. VPN Virtual Private Network. A network that provides secure communication by using encryption and tunneling to connect users over a public network.