[2116] in Kerberos-V5-bugs


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Beta 7 requires stash file

daemon@ATHENA.MIT.EDU (Sam Hartman)
Thu Jul 25 22:07:42 1996

Date: Thu, 25 Jul 1996 22:07:26 -0400
From: Sam Hartman <hartmans@MIT.EDU>
To: krb5-bugs@MIT.EDU


	Under previous version of Kerberos, a stash file was not
required; if not present, a password was prompted by utilities like
kadmind, krb5kdc, etc.  The OV admin system instead fails to load.  I
could see an argument for requring having a stash file, although in
some situations I can see a reasonable argument for the increased
security associated with not having a stash file.

	However, I consider it a bug that this functionality
disappeared without an active decision on the part of the Kerberos
team.  Possibly after Beta 7, libkadm5 should be modified to support
this functionality or  a formal decision to require a stash file
should be made.  If a stash file is required, its generation should be
part of the create command in kdb5_util.

--Sam


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[2116] in Kerberos-V5-bugs

Beta 7 requires stash file

daemon@ATHENA.MIT.EDU (Sam Hartman)Thu Jul 25 22:07:42 1996

daemon@ATHENA.MIT.EDU (Sam Hartman)
Thu Jul 25 22:07:42 1996