diff --git a/README.rst b/README.rst
index a351b50f..9bcab86b 100644
--- a/README.rst
+++ b/README.rst
@@ -906,16 +906,11 @@ Setting Up Kerberos + LDAP Authentication
 =========================================
 MBS defaults to using OIDC as its authentication mechanism. It additionally
-supports Kerberos + LDAP, where Kerberos proves the user's identity and LDAP
-is used to determine the user's group membership. To configure this, the following
+supports Kerberos (through mod_auth_gssapi) + LDAP, where Kerberos proves the user's identity
+and LDAP is used to determine the user's group membership. To configure this, the following
 must be set in ``/etc/module-build-service/config.py``:
 - ``AUTH_METHOD`` must be set to ``'kerberos'``.
-- ``KERBEROS_HTTP_HOST`` can override the hostname MBS will present itself as when
- performing Kerberos authentication. If this is not set, Python will try to guess the
- hostname of the server.
-- ``KERBEROS_KEYTAB`` is the path to the keytab used by MBS. If this is not set,
- the environment variable ``KRB5_KTNAME`` will be used.
 - ``LDAP_URI`` is the URI to connect to LDAP (e.g. ``'ldaps://ldap.domain.local:636'`` or ``'ldap://ldap.domain.local'``).
 - ``LDAP_GROUPS_DN`` is the distinguished name of the container or organizational unit where groups
diff --git a/module_build_service/config.py b/module_build_service/config.py
index de154b8a..3f8f6517 100644
--- a/module_build_service/config.py
+++ b/module_build_service/config.py
@@ -373,22 +373,6 @@ class Config(object):
 "default": "oidc",
 "desc": "Authentiation method to MBS. Options are oidc or kerberos",
 },
- "kerberos_http_host": {
- "type": str,
- "default": "",
- "desc": (
- "Hardcodes the HTTP host MBS identifies as in Kerberos. If this isn't set, "
- "it will be derived dynamically."
- ),
- },
- "kerberos_keytab": {
- "type": str,
- "default": "",
- "desc": (
- "Overrides the use of the environment variable KRB5_KTNAME, which specifies "
- "the location to the Kerberos keytab for authentication."
- ),
- },
 "ldap_uri": {
 "type": str,
 "default": "",
@@ -824,15 +808,6 @@ class Config(object):
 raise ValueError("ldap3 is required for kerberos authz")
 self._auth_method = s.lower()
- def _setifok_kerberos_keytab(self, s):
- keytab = str(s)
- if keytab:
- keytab = os.path.expanduser(keytab)
- if not os.path.exists(keytab):
- raise ValueError("The path set for KERBEROS_KEYTAB does not exist")
-
- self._kerberos_keytab = keytab
-
 def _setifok_ldap_uri(self, s):
 ldap_uri = str(s)