[EMAIL PROTECTED] ("Douglas E. Engert") wrote in message news:<[EMAIL PROTECTED]>...
> Tyson Oswald wrote:
> >
> > I did a manual comparision between the two files like this
> >
> > on Windows ktpass -in my.keytab
> >
> > on unix klist -k -K
> >
> > they are identical.
> >
> > Any idea what th
Some time ago, i finnished writing an ASN parser for kerberos V message
protocol.
Since i lack the opportunity to experience with it, i.e., i have no
opportunities where i could it, i wonder if some of you have the need
for it.
That's to say: i am seeking a project where i could use it to see how
> "Sensei" == Sensei <[EMAIL PROTECTED]> writes:
Sensei> Hi, I'm back. I'm trying to set everything
Sensei> step-by-step. The first step is to set up an
Sensei> authentication server.
Sensei> We're using a linux server and a client. Now the client
Sensei> uses pam_krb5.s
> "Sensei" == Sensei <[EMAIL PROTECTED]> writes:
Sensei> Hi. I have a(nother) question for kerberos. As we're
Sensei> setting up a centralized login, we have a problem.
Sensei> Our dept. is made of 8~10 labs, and we'd like to handle
Sensei> logins under *one* machine, but di
> "matt" == matt <[EMAIL PROTECTED]> writes:
matt> greetings, my understanding is that the KRB_AP_REP is
matt> returned by the host when mutual authentication is requested
matt> by the client. as part of the client authenticator, it can
matt> choose to provide (among others)
On each host type hostname --fqdn and make sure that matches what
Kerberos thinks the hostname is. I bet this is your problem.
Also, drop the enctype related parameters from /etc/krb5.conf although
not /etc/krb5kdc/kdc.conf. This isn't actually a problem, but the
enctype stuff is not needed by
greetings,
my understanding is that the KRB_AP_REP is returned by the host when
mutual authentication is requested by the client. as part of the
client authenticator, it can choose to provide (among others)
checksum, seq_no, subkey. however, in the KRB_AP_REP message, only
seq_no and subkey are
Hi.
I have a(nother) question for kerberos. As we're setting up a
centralized login, we have a problem.
Our dept. is made of 8~10 labs, and we'd like to handle logins under
*one* machine, but distinguish each login request from a lab to another.
I mean, every user should be able to login *only
One of the steps in enabling a single sign-on for Microsoft Windows users is
to map their individual user accounts to the appropriate Kerberos
principles. This used to be a tedious task, requiring lots of clicking and
lots of wasted time.
This task can now be automated using a tool I wrote called
Hi list members!
I'm trying to configure a kerberos server, I read the documentation and
followed the instructions, but something is wrong I think.
I have two debian sarge linux nodes on intranet (10.0.0.0/24)
with hostnames ha1.aitia and ha2.aitia. Teh kdc and the krb-admin server
is the ha1.
Hi, I'm back.
I'm trying to set everything step-by-step. The first step is to set up
an authentication server.
We're using a linux server and a client. Now the client uses pam_krb5.so
but I don't know if this is the right way to authenticate over an
insecure network.
Can you help me? Can y
11 matches
Mail list logo