Skip to content
le photograveur edited this page Jun 10, 2023 · 14 revisions

Welcome to the Heimdal wiki!

What is Heimdal/Kerberos?

Heimdal is a free implementation of the Kerberos V network authentication protocol, which is a system for authenticating users and services on a network.

It is built upon the assumption that the network is “unsafe”. For example, data sent over the network can be eavesdropped and altered, and addresses can also be faked. Therefore they cannot be used for authentication purposes. Kerberos is a trusted third-party service. That means that there is a third party (the Kerberos server) that is trusted by all the entities on the network (users and services, usually called principals). All principals share a secret password (or key) with the Kerberos server and this enables principals to verify that the messages from the Kerberos server are authentic. Thus trusting the Kerberos server, users and services can authenticate each other.

The name Kerberos comes from Κέρϐερος in Greek or Cerberus in Latin, it describes the fierce three-headed dog with the tail of a dragon, and the heads of multiple snakes along his back who stands vigilantly in place to prevent the passage of unauthorized persons. -Apollodorus II. v. xi-xii.

Read a more technical explanation on Kerberos, attacks, and strategies.

The goals of Heimdal are to

  • have an implementation that can be freely used by anyone
  • be protocol compatible with existing implementations and, if not in conflict, with RFC 4120 (and any future updated RFC) (RFC 4120 replaced RFC 1510)
  • be reasonably compatible with the M.I.T Kerberos V5 API
  • have support for Kerberos V5 over GSS-API (RFC1964)
  • include the most important and useful application programs (rsh, telnet, popper, etc.)

Other free versions of Kerberos are available from MIT and Shishi. Microsoft Windows and Sun’s Java come with implementations of Kerberos.


The code is currently at release 7.7 and is available at You can browse the source code using

Heimdal git repository

To pull down the Heimdal git repository use the following commands. To read more about git, read the Git Community book.

git clone
cd heimdal
autoreconf -f -i

Heimdal 1.5 release branch

git clone
cd heimdal
git checkout -b heimdal-1-5-branch origin/heimdal-1-5-branch
autoreconf -f -i

All code is signed with Heimdal’s signing key.

Bug reports, Project Status, Contributions, and Mailing list

There are several ways you can contribute to the Heimdal Project, follow the projects status, submit bug reports or subscribe to the mailing lists.

Bug reports, Project Status, and Mailing list