NetSteady wrote:
We are just trying to replicate the proceses that Kerberos for Windows
goes through, and the only traffic that we see from a windows machine
to a Kerberos KDC is the AS-REQ and AS-REP exchange. The process is
supposed to be as simple and fast as possible for password
We are just trying to replicate the proceses that Kerberos for Windows
goes through, and the only traffic that we see from a windows machine
to a Kerberos KDC is the AS-REQ and AS-REP exchange. The process is
supposed to be as simple and fast as possible for password validation,
as our possible
I'm actually speaking about the enc-part of the Kerberos packet itself,
not in the ticket. Is this the part you were speaking of?
Our problem is that we're trying to validate the password for the user
when we receive the AS-REP packet, but for some reason, we cannot find
where to get the
Maybe this helps (from
http://www.microsoft.com/technet/prodtechnol/windowsserver2003/library/TechRef/4a1daa3e-b45c-44ea-a0b6-fe8910f92f28.mspx
)
Markus
KRB_AS_REP Message Contents
The message includes:
. A TGS session key for the user to use with the TGS, encrypted with
the user key
On Sep 29, 2005, at 14:32, NetSteady wrote:
I'm actually speaking about the enc-part of the Kerberos packet
itself,
not in the ticket. Is this the part you were speaking of?
Any EncryptedData object. The specs in RFC 3961 specify how
encryption is done. For all (I believe) currently
--On Wednesday, September 21, 2005 07:07:03 -0700 NetSteady
[EMAIL PROTECTED] wrote:
In reading the RFC's it seems as though the encrypted data in the
packet should be able to be decrypted if we have the proper password.
However, the encrypted data changes with every attempt we send, and we
I'm continuing work on our NeXauth Product (http://www.nexauth.com) and
I'm having a problem duplicating the Kerberos process.
In reading the RFC's it seems as though the encrypted data in the
packet should be able to be decrypted if we have the proper password.
However, the encrypted data