On 3/17/24 23:33, Richard E. Silverman wrote:
I have a patch to libkrb5 which implements a feature similar to the SSLKEYLOGFILE environment variable that’s now in pretty wide use for TLS: it logs session keys to a keytab named by KRB5KEYLOGFILE. The main use for this, just as with the TLS version, is to decrypt packet captures with Wireshark; the latter’s KRB5 dissector takes a keytab as input.
I think that would be a reasonable feature to add. ________________________________________________ Kerberos mailing list Kerberos@mit.edu https://mailman.mit.edu/mailman/listinfo/kerberos
