[32412] in Kerberos
Re: OpenSSH GSSAPI gives "Cannot find ticket for requested realm"
daemon@ATHENA.MIT.EDU (Peter Waller)
Thu Jun 3 13:26:58 2010
From: Peter Waller <peter.waller@gmail.com>
Date: Thu, 3 Jun 2010 01:59:57 -0700 (PDT)
Message-ID: <c0f2417f-1738-40d7-8ffa-257e9301b7d4@c22g2000vbb.googlegroups.com>
To: kerberos@mit.edu

Hi Simon,

On Jun 2, 6:00 pm, Simon Wilkinson <si...@sxw.org.uk> wrote:
> > Karmic 9.10: OpenSSH 5.1p1-6ubuntu2, libgssapi-krb5-2
> > 1.7dfsg~beta3-1ubuntu0.6
> > Lucid 10.04: OpenSSH 5.3p1-3ubuntu3, libgssapi-krb5-2 1.8.1+dfsg-2
>
> This particular version change makes me suspect something related to DES tickets. Does the service ticket you're trying to obtain have encryption types other than DES?
>
> The entire DES removal in 1.8 seems to have been extremely poorly communicated to the user community at large. I'm not sure whether the Kerberos Consortium or the downstream vendors should take responsibility for this, but it is _very_ easy to break production machines in fun and exciting ways by upgrading to 1.8. My advice, at present, would be to avoid 1.8 entirely until others have found all of the pain points and the documentation has been improved.

Thanks for your response.

klist -v shows:

    Ticket etype: des-cbc-md5, kvno 44
    Ticket length: 318

If DES has been removed, I guess this could be the problem?

After some googling, I can't figure out how to get a list of valid
enctypes to try. I tried a few enctypes I found by googling, but they
all failed either locally (unrecognized enctype) or remotely
(krb5_get_init_creds: KDC has no support for encryption type). Is
there a simple way to get a list of valid enctypes?

Thanks in advance for any help,

- Peter

________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
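
Added example (not part of the original message or of any Kerberos distribution): a small Python check that reads `klist -v` output in the format quoted above and reports tickets issued with a single-DES enctype, the condition suspected in this thread. The `Server:` lines, the sample principals and the function names are assumptions constructed for illustration.

```python
import re

# Single-DES enctype names. MIT krb5 1.8 treats these as weak and refuses
# them unless allow_weak_crypto is enabled in krb5.conf.
WEAK_ETYPES = {"des-cbc-crc", "des-cbc-md4", "des-cbc-md5"}

ETYPE_RE = re.compile(r"^Ticket etype:\s*([^,\s]+)(?:,\s*kvno\s+(\d+))?", re.I)
SERVER_RE = re.compile(r"^Server:\s*(\S+)")  # assumed per-ticket header line


def parse_tickets(klist_output):
    """Return one {server, etype, kvno} dict per 'Ticket etype:' line."""
    tickets, server = [], None
    for raw in klist_output.splitlines():
        line = raw.strip()
        m = SERVER_RE.match(line)
        if m:
            server = m.group(1)
            continue
        m = ETYPE_RE.match(line)
        if m:
            kvno = int(m.group(2)) if m.group(2) else None
            tickets.append(
                {"server": server, "etype": m.group(1).lower(), "kvno": kvno}
            )
            server = None  # do not carry a principal over to the next ticket
    return tickets


def weak_tickets(klist_output):
    """Return only the tickets whose enctype is single-DES."""
    return [t for t in parse_tickets(klist_output) if t["etype"] in WEAK_ETYPES]


# Constructed sample: the second ticket reuses the two lines quoted in the
# message; principals and the first ticket are made up.
SAMPLE = """\
Server: krbtgt/EXAMPLE.ORG@EXAMPLE.ORG
Ticket etype: aes256-cts-hmac-sha1-96, kvno 1
Ticket length: 300

Server: host/ssh.example.org@EXAMPLE.ORG
Ticket etype: des-cbc-md5, kvno 44
Ticket length: 318
"""

if __name__ == "__main__":
    for t in weak_tickets(SAMPLE):
        print(f"{t['server']}: {t['etype']} (kvno {t['kvno']}) is single-DES")
```
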