[32562] in Kerberos
Re: Adding principal from client. Is the password exposed ?
daemon@ATHENA.MIT.EDU (Thorsten Haude)
Thu Aug 12 12:44:39 2010
Date: Thu, 12 Aug 2010 18:44:31 +0200
From: "Thorsten Haude" <yooden@gmx.net>
In-Reply-To: <AANLkTikMqwEr3r0tSXjkNo1-RnsHyocZgnkaZuK4nkV1@mail.gmail.com>
Message-ID: <20100812164431.17440@gmx.net>
MIME-Version: 1.0
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi,
> I am trying to add the principals from the kerberos kadmin client using
> addprinc command. How does the "password" is communicated to KDC from the
> client. I tried iptrace and found that there is no "plain text" password
> which is being send. So, what encryption is being used and how is it
> decrypted on KDC ?
The way I understand it, not at all. The KDC already knows the password and uses it to encrypt the response. The password is then used to decrpyt the response locally.
I'm new to Kerberos, wait for another reply to be sure.
--
Cheers,
Thorsten
--
Neu: GMX De-Mail - Einfach wie E-Mail, sicher wie ein Brief!
Jetzt De-Mail-Adresse reservieren: http://portal.gmx.net/de/go/demail
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
