To set up kerberos on linux, first install the necessary software. It's usually available in the repositories of your distribution as "krb5" (archlinux, nixos) or "krb5-user" (debian, ubuntu). To simpify day-to-day use, consider placing the following in the file "/etc/krb5.conf":
default_realm = UNI-PADERBORN.DE
forwardable = true
ticket_lifetime = 10h
renew_lifetime = 7d
dns_lookup_realm = true
dns_lookup_kdc = true
You will then need to obtain a Kerberos Ticket before your first login. You can do so with the command "kinit example" (or "kinit -f example@UNI-PADERBORN.DE" if you did not configure Kerberos as described above), where "example" is the username of your IMT account. Please provide your IMT password when prompted. Your ticket will be valid for 10 hours.
Login via SSH
To use Kerberos for SSH logins, you will need to explicitly enable the GSSAPI authentication method. This can be done by adding the following to the file "~/.ssh/config", replacing "example" with your IMT username.
Host *.cs.upb.de *.cs.uni-paderborn.de
Host *.cs.upb.de *.cs.uni-paderborn.de,!sshgate.*,!git.*
You should now be able to log in (assuming you have obtained a Kerberos Ticket as described above) with the command "ssh example.cs.uni-paderborn.de" even without VPN.