Norbert Klasen wrote:
--On Freitag, 17. September 2004 20:35 + Jeffrey Altman
[EMAIL PROTECTED] wrote:
Jacques Lebastard wrote:
How can I check this and, second question, how can I generate a keytab
with RC4-HMAC encryption ? The ktpass tool does not accept the RC4-HMAC
crypto type:
[- /]
Norbert Klasen wrote:
--On Freitag, 17. September 2004 20:35 + Jeffrey Altman
[EMAIL PROTECTED] wrote:
Jacques Lebastard wrote:
How can I check this and, second question, how can I generate a keytab
with RC4-HMAC encryption ? The ktpass tool does not accept the RC4-HMAC
crypto type:
[- /]
Norbert Klasen wrote:
--On Freitag, 17. September 2004 20:35 + Jeffrey Altman
[EMAIL PROTECTED] wrote:
Jacques Lebastard wrote:
How can I check this and, second question, how can I generate a keytab
with RC4-HMAC encryption ? The ktpass tool does not accept the RC4-HMAC
crypto type:
[- /]
Norbert Klasen wrote:
--On Freitag, 17. September 2004 20:35 + Jeffrey Altman
[EMAIL PROTECTED] wrote:
Jacques Lebastard wrote:
How can I check this and, second question, how can I generate a keytab
with RC4-HMAC encryption ? The ktpass tool does not accept the RC4-HMAC
crypto type:
[- /]
Sorry for the duplicate mails. My e-mail client hang and send it multiple
times
Markus
Markus Moeller [EMAIL PROTECTED] wrote in message
news:[EMAIL PROTECTED]
Norbert Klasen wrote:
--On Freitag, 17. September 2004 20:35 + Jeffrey Altman
[EMAIL PROTECTED] wrote:
Jacques Lebastard
--On Freitag, 17. September 2004 20:35 + Jeffrey Altman
[EMAIL PROTECTED] wrote:
Jacques Lebastard wrote:
How can I check this and, second question, how can I generate a keytab
with RC4-HMAC encryption ? The ktpass tool does not accept the RC4-HMAC
crypto type:
[- /] crypto :
Douglas E. Engert wrote:
If your service is running on Unix, then you must make sure that
you create a keytab containing entries for each of the keys that
Windows can produce for the SPN. (RC4-HMAC, DES-CBC-MD5, DES-CBC-CRC).
The DES enctypes will only be used if the account associated with
the
The MIT ktutil has an addent subcommand added in 1999-08-06 sometime
prior to version 1.2.2. Heimdal implemented the add subcommand in
March of 1998.
As you point out the Solaris 9 verison of ktutil does not have this.
I don't think it has arcfour support in the libs either. We use MIT
Kerberos
Jeffrey Altman wrote:
There is no need to nor should you set the tkt and tgs enctypes.
MIT Kerberos 1.3 and higher support all of the enctypes used by
the Windows Kerberos SSPI.
If your service is running on Unix, then you must make sure that
you create a keytab containing entries for each
Jacques Lebastard wrote:
Jeffrey Altman wrote:
There is no need to nor should you set the tkt and tgs enctypes.
MIT Kerberos 1.3 and higher support all of the enctypes used by
the Windows Kerberos SSPI.
If your service is running on Unix, then you must make sure that
you create a keytab
Jacques Lebastard wrote:
How can I check this and, second question, how can I generate a keytab
with RC4-HMAC encryption ? The ktpass tool does not accept the RC4-HMAC
crypto type:
[- /] crypto : Cryptosystem to use
[- /] crypto : is one of:
[- /] crypto : DES-CBC-CRC
Hi there,
our client/server application uses either SSPI (Windows) or GSS-API
(UNIX) in order to establish a secure context.
In order to make it work properly, I had to set specific encryption
types in the krb5.conf file of the UNIX server:
[libdefaults]
default_tkt_enctypes =
There is no need to nor should you set the tkt and tgs enctypes.
MIT Kerberos 1.3 and higher support all of the enctypes used by
the Windows Kerberos SSPI.
If your service is running on Unix, then you must make sure that
you create a keytab containing entries for each of the keys that
Windows can
13 matches
Mail list logo