Hello list!
I have installed kerberos retrived from SUN.
The installed packages are Sun Enterprise Authentication Mechanism and
Solaris Encryption pack.
When i try to create a stash file i get the following error.
bash-2.03# /usr/krb5/sbin/kdb5_util create -r DOMAIN.SE -s
krb5_init_context fai
Hello,
I have a running MIT kerberos V server (on Linux), and I wanted to
raise the ticket lifetime for the Tgt's.
I raised the "maximum ticket life" for that principal in kadmin.
I raised the "max_life" setting in the realms section of kdc.conf.
I raised the "ticket_lifetime" in the libdefaul
>I have a running MIT kerberos V server (on Linux), and I wanted to
>raise the ticket lifetime for the Tgt's.
>
>I raised the "maximum ticket life" for that principal in kadmin.
Did you just raise the max lifetime of the tgt principal, or the client
principal, or both? (You need to do both). A
Hi,
thanks for your response, marc. actually, i *am* implementing the full
spec, all (except for ccc?) of which is working - CCC is just an option
(which we will deprecate and warn people about). or at least i think i am -
rfc 2228. i don't see any update to that (in fact, it seems to be only a
[EMAIL PROTECTED] (Ken Hornstein) writes:
> >I have a running MIT kerberos V server (on Linux), and I wanted to
> >raise the ticket lifetime for the Tgt's.
> >
> >I raised the "maximum ticket life" for that principal in kadmin.
>
> Did you just raise the max lifetime of the tgt principal, or th
[EMAIL PROTECTED] ("Glen Matthews") writes:
>> thanks for your response, marc. actually, i *am* implementing the full
>> spec, all (except for ccc?) of which is working - CCC is just an option
>> (which we will deprecate and warn people about). or at least i think i am -
>> rfc 2228. i don't se
>kinit -l 24h gives longer tickets by now. But kinit (without options)
>or pam do not.
>
>> Make sure that "kinit -l 300h" shows a longer ticket lifetime as well;
>> maybe PAM isn't picking up those entries.
>
>This seems to be a client-side issue by now. Where does kinit takes it
>defaults from?
Hi,
thanks for the previous response, marc.
ok, here's the sequences. Note that these are re-typed, not captured:
The following occurs when the CCC command is *not* attempted.
220 blah FTP server (Version 5.60) ready
AUTH GSSAPI
334 Using authentication type GSSAPI; ADAT must follow
ADAT Y
