[2110] in Kerberos-V5-bugs
Re: Canonical host names in a NIS/DNS network
daemon@ATHENA.MIT.EDU (Theodore Y. Ts'o)
Tue Jul 23 01:02:37 1996
Date: Tue, 23 Jul 1996 01:02:28 -0400
From: "Theodore Y. Ts'o" <tytso@MIT.EDU>
To: David Slack <slack@elendil.cc.utah.edu>
Cc: tytso@MIT.EDU, krb5-bugs@MIT.EDU
In-Reply-To: "[2103] in Kerberos-V5-bugs"
Date: Mon, 22 Jul 1996 11:27:47 -0600
From: David Slack <slack@elendil.cc.utah.edu>
We have another problem: although Kerberos 5 works great, we
would like to service Kerberos 4 requests as well. There is very
little documentation on this. We did do the configure with the
--with-krb4 option, and the kdc responds to Kerberos 4 requests, but
our Kerberos 4 clients always report that we have given an incorrect
password. We know its looking at the database because if we enter a
name not in the database, it says so.
If you want to use Kerberos V4 requests, you must use V4 salt --- if
you are using kdb5_edit to add your keys, make sure you are using the
av4k command in order to add the keys using the V4 salt.
- Ted
