Kerberos is a client-server network authentication protocol which works on the basis of tickets to enable nodes communicating over a non-secure network to mutually prove their identity to one another in a secure manner. There are a number of free implementations of Kerberos 5. These include: MIT Kerberos (The original) Heimdal GNU Shishi Both Microsoft Windows and Sun’s Java come with implementations of Kerberos. See RFC 4120 for full details of the Kerberos v5 Network Authentication Service.
System Security Service (SSSD) was initially developed to be the primary client component for FreeIPA but later became an independent project in its own right. The primary role of SSSD is to provide access to identity and authentication resources through a common framework that can provide caching and offline support to a system. When a user logs into a network with centrally managed accounts, the user information and credentials are automatically stored in an SSSD cache on the user’s system. For offline support, SSSD authenticates the user’s credentials against the local SSSD cache. Authentication through SSSD enables LDAP, NIS, and