When you configure your KDC, now is time to configure application server. IN this exercise we will try to setup authentication on Kerberos instead on NIS. Also we will try to configure SSH service with Kerberos. Let's start!
On KDC you should add host principal, and extract that principal in keytab which can read only root. Take care about selinux type.

[root@security1 var]# kadmin.local
admin.local: addprinc -randkey host/security1.setenforce.com
kadmin.local: ktadd -k /etc/krb5.keytab host/security1.setenforce.com
[root@security1 var]# restorecon /etc/krb5.keytab

On station which we will use like client (security2) you should have a same krb5.conf as on KDC. So copy it and make sure that selinux is in right type. Add principal for host/security2.setenforce.com.

[root@security1 var]# scp /etc/krb5.conf root@security2:/etc/krb5.conf
[root@security2 etc]# restorecon /etc/krb5.conf
[root@security2 etc]# kadmin
kadmin: addprinc -randkey host/security2.setenforce.com
kadmin: ktadd -k /etc/krb5.keytab host/security2.setenforce.com

After this you should start system-config-authentication on server and client side, and enable kerberos authentication. You can now log in like user testing. Use kinit to get ticket, and if you want to use ssh without delegate credentials add this GSSAPIDelegateCredentials yes in /etc/ssh/ssh_config