On 2 Jan 2006 21:24:28 -0800, Viswa <[EMAIL PROTECTED]>
wrote:
>
> I have a proposal. Let me know if this is a good idea to go about!
>
> 1. Generate seperate keytab file for each target.
> 2. Merge the keytabs into a common keytab file.
> 3. While configuring the target make sure they will use onl
I have a proposal. Let me know if this is a good idea to go about!
1. Generate seperate keytab file for each target.
2. Merge the keytabs into a common keytab file.
3. While configuring the target make sure they will use only the part
of the keytab ment for them.
This way the security is also not
I use Windows 2000 Pro. I installed Kerberos 5 and receiving tickets.
When I try to . using Filezilla, it says authentication failed. I
have GSS support checked in Filezilla, the ftp server that I am trying
to connect to is a Mac and it is running Kerberos 5. Any help will be
greatly appreciated
This type of setup won't work. You have to differentiate between what is
possible with Kerberos/GSSAPI and how are existing applications (e.g.
telnet,ftp,HTTP) using it. With telnet,ftp,HTTP you are bound to DNS
resolutions (A record and reverse, hosts files are possible but painful). If
you w
Instead of using ktpass on the kdc you can do all directly from the Unix
system, by using tools like net ads join from samba. (Keep in mind that you
need to authenticate to the kdc to create accounts and if you automate this
completly (e.g. with a hardcoded password) the password will be known a
Ken Raeburn wrote:
> On Dec 30, 2005, at 10:39, Huub wrote:
>
>>Hi,
>>
>>I've created a krb5.conf file but verify_krb5_conf says it fails:
>
>
> I'm not familiar with the program, but a man page I found on the web
> seems to indicate that it prints messages telling you what it thinks
> is wr
Sorry I didn't check the link, it was working some time ago fine. I think
the only way to automate it is via the ldap interface to Active Directory
( at least I am not aware of any other easy way). You may be able to write a
GSSAPI client server app to create the AD entry and fetch the keytab.
[EMAIL PROTECTED] wrote:
> I have a question. If I assume that there are some 100 devices which
> are acting as application servers and they want to use windows domain
> controller as KDC, then can I use same keytab file on all the devices ?
> I will have common entry for all the devices in the do
for the KDC, i use Heimdal Kerberos , Fedora 4
i have some windows machines and i want to add them to the realm, is that
possible? how?
thanks
Amir Saad
Software Engineer
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/ma
Hi Sandy,
of course you can use the same keytab on every device. At least, I can't
see why it should not be possible - technically
speaking. You should only consider if you want this scenario - all 100
devices connecting as the same user.
Try it with 2 devices first - copy the same keytab to both
Hi,
I am working on implementing kerberos on an embedded device which is
linux based. I need to use windows domain controller as KDC. I am
trying to find different ways of making the configuration process more
easier, such as generating keytab file .
I have tried using kerberos between windows an
11 matches
Mail list logo