Kerberos pre-auth works it (the KDC) requests an encrypted timestamp
before sending credentials. If your radius server has a host/fqdn entry
in /etc/krb5.keyatb it will just work. You probably want hardware
pre-auth and I don't know about that one. You could ask kerberos@mit.edu
On Fri, 2005-07-
"Roy D. Hockett" <[EMAIL PROTECTED]> wrote:
> In kerberos v5 you can require what is referred to as preauth, and
> this means that the KDC doesn return a TGT until the client has
> authenticated. So I am asking if anyone have freeradius with the
> kerberos module working with a Kerberos KDC that r
Alan,
In kerberos v4 a client would request a Ticket Granting Ticket
(TGT) from the Kerberos KDC, and the KDC would comply and send it. In
kerberos v5 you can require what is referred to as preauth, and this means
that the KDC doesn return a TGT until the client has authenticated. So
I am as
"Roy D. Hockett" <[EMAIL PROTECTED]> wrote:
> I ahve looked on the web and haven't found anything afirming that
> freeradius will support or not support preauth with kerberos v5.
"preauth"?
There's an rlm_krb5 module, if that's what you're looking for.
Alan DekOk.
-
List info/subscribe/
I ahve looked on the web and haven't found anything afirming that
freeradius will support or not support preauth with kerberos v5.
Is anyone using preauth with kerberos v5 and freeradius? If there is
documentation on this please point me in the right direction.
Thanks,
-Roy
--
/**
5 matches
Mail list logo
