FWIW, I've been running 1.6.1 (not 1.6.2 though) on production KDCs since
June 28. Everything seems to be working fine. I can get tokens via
kinit/aklog and plain klog (using fakeka).
The KDCs currently run Solaris, but that's going to change "real soon now"
once I've have had a chance to full
Mike Dopheide wrote:
> We've also found that reverting back to MIT Kerberos 1.4.3 wasn't good
> enough. Some principals would start working with klog again after
> another password change, but others needed to be deleted and recreated.
>
> Is anyone else using MIT Kerberos 1.6.2 and klog?
>
> -M
Just a thought, did you add/change enc_types when you went to 1.6.2?
E.g. were you supporting AES256, DES3 and DES under krb5-1.4.3 ? I've
seen issues with certain things not understanding the AES256 type.
< wrote:
> We've also found that reverting back to MIT Kerberos 1.4.3 wasn't good
> enoug
We've also found that reverting back to MIT Kerberos 1.4.3 wasn't good
enough. Some principals would start working with klog again after
another password change, but others needed to be deleted and recreated.
Is anyone else using MIT Kerberos 1.6.2 and klog?
-Mike
Mike Dopheide wrote:
Numbe
Number of keys: 5
Key: vno 30, AES-256 CTS mode with 96-bit SHA-1 HMAC, no salt
Key: vno 30, Triple DES cbc mode with HMAC/sha1, no salt
Key: vno 30, DES cbc mode with CRC-32, no salt
Key: vno 30, DES cbc mode with CRC-32, Version 4
Key: vno 30, DES cbc mode with CRC-32, AFS version 3
-Mike
Jeff
Matt Elliott wrote:
> We just discovered a problem with our KDC now running MIT 1.6.2. When a
> user changes their password (previous keys were created with our old kdc
> version 1.4.3 still work) with patches and then tries klog it longer
> grants tokens. klog returns "Unable to authenticate to
Matt Elliott <[EMAIL PROTECTED]> writes:
> We just discovered a problem with our KDC now running MIT 1.6.2. When a
> user changes their password (previous keys were created with our old kdc
> version 1.4.3 still work) with patches and then tries klog it longer
> grants tokens. klog returns "Unabl
We just discovered a problem with our KDC now running MIT 1.6.2.
When a user changes their password (previous keys were created with
our old kdc version 1.4.3 still work) with patches and then tries
klog it longer grants tokens. klog returns "Unable to authenticate
to AFS because password