Andrew,
I am forwarding your question to ISU's Solution Center,
they can help you correct your system.
John Hascall
Academic IT, ISU
--- Forwarded Message
Date: Wed, 14 Jul 2004 22:44:11 -0500
To: [EMAIL PROTECTED]
From: Andrew S Waxman <[EMAIL PROTECTED]>
I'm having trouble with my sidec
hi, somebody can help me?
i have installed kerberos server in my Linux REdhat AS 3.0, i think the
installation is ok!
i'm trying conecto using telnet from linuxbox to my Kerberos Server.
i did.
telnet -a -x -f domain.com
and the error is this one!
Jul 13 16:57:32 uvm.edu krb5kdc[4985](info): T
Kerberos mailing list [EMAIL PROTECTED]
https://mailman.mit.edu/mailman/listinfo/kerberos
I'm having trouble with my sidecar. I use sidecar to check email using
eudora at iowa state univeristy. i recently installed another version of
sidecar from cornell simultaneously to check something on that
system. after i removed it my iowa state sidecar has never acted the
same. i now hav
Has anybody tried to use the PAC field with MIT Kerberos ? I tried after a kinit
against a w2k kdc to look at the details in the
credential cache, but all pointers to authorisation data are 0.
Thank you
Markus
--
Markus Moeller <[EMAIL PROTECTED]>
_
[EMAIL PROTECTED] ("Henry B. Hotz") writes:
> In the long run the Kerberos password is a problem because the human
> brain does not obey Moore's law. As I see it the solution is to use
> some form of two-factor authentication for the initial ticket exchange.
>
> So what options are there in that
Hi,
I followed the directions in Brian Tung's article on Kerberos for Dummies
to set up a KDC on a Redhat9 Linux system. Upon trying to start the
daemon, I get a failure, with the log indicating that the master key
can't be located. Where is the master key stored and what configuration
file/par
Hi.
I've built an openafs cell, on debian stable. It authenticates over
kerberos 5 (MIT), and gains a token from openafs_session, so no kaserver
and no passwords anywhere other than kerberos db. Good it works. Now, my
question about it is: how to make it redundant?
We have a quite unreliable net
> "Markus" == Markus Moeller <[EMAIL PROTECTED]> writes:
Markus> Sam the document
Markus>
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnkerb/html/MSDN_PAC.asp
Markus> says:
Markus> The PAC is generated by the KDC under the following
Markus> conditions
Hi All,
I am new to this and am trying to get krb5 to make check on a HPUX 11.00 box. It
compiled ok after I did the below.
>I compiled Kerberos 1.3.1 on HPUX 11.00, using gcc 3.0.4. Module
>src/appl/bsd/compat_recv.c failed to compile because it couldn't find the
>"#include ", so I added an
Sam
the document
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnkerb/html/MSDN_PAC.asp
says:
The PAC is generated by the KDC under the following conditions:
a.. During an AS request that has been validated with pre-authentication.
b.. During a TGS request when the client
Given all the issues I didn't want to get into, maybe I shouldn't have
mentioned SecureID. Since I did mention it, it's good to have your
caveat on the record.
Just trying to make sure I really know what exists.
On Jul 15, 2004, at 11:27 AM, Ken Hornstein wrote:
So what options are there in t
> "Markus" == Markus Moeller <[EMAIL PROTECTED]> writes:
Markus> Has anybody tried to use the PAC field with MIT Kerberos ?
Markus> I tried after a kinit against a w2k kdc to look at the
Markus> details in the credential cache, but all pointers to
Markus> authorisation data (cr
> "Daniel" == Daniel Henninger <[EMAIL PROTECTED]> writes:
Daniel> Is there a patch to the 1.2.8 series to avoid: Buffer
Daniel> overflow in krb5_aname_to_localname functionality. See
Daniel> advisories index or advisory text.
The 1.3.0 patch works for 1.2.8. We still care about 1
Henry,
The CyberSafe TrustBroker products currently support RSA SecurID, VASCO
Digipass and SecureComputing SafeWord tokens. They also support smart
cards via PKINIT.
Thanks, Tim.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On
Behalf Of Henry B. Hotz
Sent: 15 Jul
>So what options are there in that space?
>
>AFAIK none --- with the standard open source servers. There are
>patches available for MIT to support CRYPTOcard and SecureID. There
>are patches available for Heimdal to support X509 certificates
>(PKINIT).
Just as a note: if you want to go dow
In the long run the Kerberos password is a problem because the human
brain does not obey Moore's law. As I see it the solution is to use
some form of two-factor authentication for the initial ticket exchange.
So what options are there in that space?
AFAIK none --- with the standard open sourc
Is there a patch to the 1.2.8 series to avoid:
Buffer overflow in krb5_aname_to_localname functionality. See advisories
index or advisory text.
Or is 1.2.8 not susceptable?
I hadn't seen any patches for pre-1.3.0. Are y'all officially considering
1.2.* "old as a brick" and time to upgrade?
Da
18 matches
Mail list logo
