Table of Contents
13 使用 Zabbix 配置 Kerberos 监控
概述
Kerberos身份验证可用于Zabbix中的web监视和HTTP监控项。
这部分Kerberos配置描述Zabbix server使用'zabbix'用户对 www.example.com 进行web监控。
步骤
Security and file-permission notes
Keytab files must be readable only by the account that needs them. Example permissions: 0400 owned by zabbix:zabbix for a zabbix user keytab, or 0440 and root:www-data for an Apache keytab.
Avoid storing long-lived plaintext passwords on the host. Use keytabs or domain-joined machine principals where possible.
When running tests or scripts that set KRB5CCNAME or copy keytabs, double-check ownership and permissions after the operation — a webserver rejecting credentials is commonly a file-permission problem.