[37657] in Kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Re: FAST OTP

daemon@ATHENA.MIT.EDU (Diogenes Jesus)
Fri Aug 26 16:39:07 2016

Mime-Version: 1.0 (1.0)
From: Diogenes Jesus <splash@gmail.com>
In-Reply-To: <7C5D7501-D822-4A79-963C-46BFC5EBD2DB@sandia.gov>
Date: Fri, 26 Aug 2016 22:38:47 +0200
Message-Id: <B768F928-1868-482E-9EDE-98E2DFD0C758@gmail.com>
To: "Machin, Glenn D" <GMachin@sandia.gov>
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
Content-Type: text/plain; charset="utf-8"
Errors-To: kerberos-bounces@mit.edu
Content-Transfer-Encoding: 8bit



> I was able to configure a krb5-1.14.2 KDC to use FAST OTP with an RSA Authentication Manager Radius server.
> 
> I have a couple of questions:
> 
> 
> ·         FAST requires an existing ticket cache.  If you need a TGT to get a FAST OTP TGT how do you do that?

One way is to enable Anonymous support (http://k5wiki.kerberos.org/wiki/Anonymous_kerberos) - DONT forget to restrict anonymous to tgt only on your kdcs!

Dio

________________________________________________
Kerberos mailing list           Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[37657] in Kerberos

Re: FAST OTP

daemon@ATHENA.MIT.EDU (Diogenes Jesus)Fri Aug 26 16:39:07 2016

daemon@ATHENA.MIT.EDU (Diogenes Jesus)
Fri Aug 26 16:39:07 2016