Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
comp . protocols . kerberos
+ new post
About this group
Subscribe to this group
This is a Usenet group - learn more
Find or start a Google Group about kerberos.
Group info
Language: English
Group categories:
Computers
More group info »
Active older topics
Multiple principals in a single application
9 new of 9 - May 20
Need help with PKINIT
3 new of 3 - May 16
hangs in gss_accept_sec_ context call on Windows with krb5-1.9.5 libs
1 new of 1 - May 10
MS Client Referrals
1 new of 1 - May 9
Questions regarding GSSAPI implementation
1 new of 1 - May 7
incremental propagation gets stuck with UPDATE_FULL_RES YNC_NEEDED
10 new of 10 - May 3
TGT for principals getting destroyed automatically
5 new of 5 - May 3
Constrained Delegation
2 new of 2 - May 3
Windows logon Authentication using MIT kerberos(Linux)
2 new of 2 - May 2
create root cache on boot
3 new of 3 - May 2
Discussions
View:  Topic list, Topic summary Topics 1 - 10 of 13439  Older »
Description: The Kerberos authentication server.
 

Help in incorporating PKINIT 
  Hi,   Starting new e-mail since felt that old e-mail was containing too much info (not clear one). I am using the MIT kerberos client API's to develop keberos client for a system. 1. Use custom named conf file for storing the realm, libdefaults etc this file once information is written is set to the  ... more »
By sasikumar bodathula  - 3:19am - 1 new of 1 message    

Kerberos FTP ticket filename 
  Hi all, I am having a problem here with the FTP authentication using Kerberos. What is happening is that when I connect from host_A to host_B using ftp, the acquired ticket (in host_B) is being stored as "/tmp/krb5cc_503_z2fgka". I also had this problem in SSH logins, and it seems to be related to a... more »
By Tiago Elvas  - May 20 - 9 new of 9 messages    

Incorrect delegation state shown on acceptor side by context flags 
  Hi, It seems there is a bug in MIT kerberos gss source code where the delegation state is set in context flags on acceptor side. I am using a keytab on server side to acquire credentials with in memory credential cache : *cred->usage == GSS_C_BOTH* Client has *delegation flag set to false* but has a *forwardable TGT*.... more »
By Vipul Mehta  - May 17 - 7 new of 7 messages    

Need help with PKINIT 
  HI,   Adding more information to the previous e-mail thread. In the conf file following information is stored. pkinit_anchors = FILE:<path>/cacert.pem   pkinit_identity = FILE:<path>/client.pem,& lt;path>/clientkey.pem When this was tested and same was captured in the wireshark it has AS_REQ messages not PA-PK-AS-REQ... more »
By sasikumar bodathula  - May 16 - 2 new of 2 messages    

PKINIT: Manual recovery of the AS key and decryption of the KDC-REP 
  Hi, In order to better understand Kerberos and PKINIT, I am trying to do a manual decryption of the AS exchange when RSA is used (not Diffie-Hellman). I am able to manually decrypt the exchange to the point where I hold the AS reply key. However, I am not able to go beyond. This is why I'd like some help.... more »
By Thomas Bourbaki  - May 16 - 2 new of 2 messages    

kerberos with connection to tls openldap 
  Hi, I have a problem that I believe isn't very common. I'm trying to use OpenLDAP as an back-end database for kerberos. As far as I managed to create realm, and add principals, I would like to secure a LDAP a bit. I added LDAP option: security ssf=128, and it enforces encryption. It works well for ldapsearch - without option "-Z" I got message:... more »
By Augustin Wolf  - May 15 - 4 new of 4 messages    

kadmin error 
  Hi Team, We are getting an error "Default prinicipal database does not exist" when starting kadmin. Do you have any ideas/solutions to fix this issue. Thanks Madhukar Please do not print this email unless it is absolutely necessary. The information contained in this electronic message and any attachments to this message are intended for the exclusive use of the addressee(s) and may contain proprietary, confidential or privileged information. If you are not the intended recipient, you should not disseminate, distribute or copy this e-mail. Please notify the sender immediately and destroy all copies of this message and any attachments.... more »
By madhuka.b...@wipro.com  - May 15 - 3 new of 3 messages    

pwqual builtin plugins not working 
  Adding "princ" and "dict" pwqual plugin settings to krb5.conf and a dict_file setting to realm in realms section of kdc.conf and restarting kdc and kadmind on MIT 1.11 kerberos installation doesn't appear to stop the principal name or dictionary words being set as password using 'kadmin cpw' eg krb5.conf... more »
By David Shrimpton  - May 15 - 2 new of 2 messages    

moving a krb5 kdc installation from one server to another 
  Are there any best practices for moving a KDC from one machine to another? I have a krb5 (1.9 with local changes right now) kdc backed by openldap slapd on a machine, and want to move it to another machine. Do I just dump the slapd directory and load it on the other machine, make sure the master passwords are there, and I'm done? Is there anything I... more »
By Chris Hecker  - May 13 - 1 new of 1 message    

password-change performance using AES-NI ? 
  A sort of follow-on from [link] One of the stated goals with 1.12 due in December is "AES-NI support for built-in crypto back end" Does anyone have a rough idea of how much improvement this might bring. I'm hoping it will be substantial because string-to-key... more »
By Danny Thomas  - May 11 - 3 new of 3 messages    

1 - 10 of 13439   « Newer | Older »

XML      
Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google