[3529] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: cross-realm kerb4

daemon@ATHENA.MIT.EDU (Derek Atkins)
Mon Jul 11 04:13:18 1994

To: Porlin Kang <pk2k+@andrew.cmu.edu>
Cc: kerberos@MIT.EDU
In-Reply-To: [3528] in Kerberos
Date: Mon, 11 Jul 94 01:49:16 EDT
From: Derek Atkins <warlord@MIT.EDU>

You have two realms, REALM1 and REALM2.  You come up with a shared key
between these realms (remember, it is the DES key, not the passphrase
that is shared!)

In REALM1 you create a key: krbtgt.REALM2@REALM1
In REALM2 you create a key: krbtgt.REALM1@REALM2

Make sure both of these keys have the same DES key and the same kvno.
Then make sure that your krb.conf and krb.realms files are correct.

And that's it -- you have a shared key!

Hope this helps

-derek

         Derek Atkins, SB '93 MIT EE, G MIT Media Laboratory
       Member, MIT Student Information Processing Board (SIPB)
    Home page: http://www.mit.edu:8001/people/warlord/home_page.html
       warlord@MIT.EDU    PP-ASEL     N1NWH    PGP key available


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3529] in Kerberos

Re: cross-realm kerb4

daemon@ATHENA.MIT.EDU (Derek Atkins)Mon Jul 11 04:13:18 1994

daemon@ATHENA.MIT.EDU (Derek Atkins)
Mon Jul 11 04:13:18 1994