[2177] in Kerberos-V5-bugs
Re: Documentation lacking questions.
daemon@ATHENA.MIT.EDU (Sam Hartman)
Wed Aug 21 13:30:50 1996
To: "Randall S. Winchester" <rsw@Glue.umd.edu>
Cc: Sam Hartman <hartmans@MIT.EDU>, krb5-bugs@MIT.EDU
From: Sam Hartman <hartmans@MIT.EDU>
Date: 21 Aug 1996 13:30:35 -0400
In-Reply-To: "Randall S. Winchester"'s message of Tue, 20 Aug 1996 17:20:18 -0400 (EDT)
>>>>> "Randall" == "Randall S Winchester" <rsw@Glue.umd.edu> writes:
Randall> Which ever is correct should be added to
Randall> config-files/services.append. Otherwise change the
Randall> source to look at the defined variables in adm.h as; /* *
Randall> Kerberos V5 Change Password service name */ #define
Randall> KRB5_ADM_SERVICE_NAME "kpasswd" #define
Randall> KRB5_ADM_DEFAULT_PORT 464
I kind of got the impression the message was referring to a
principal, not a TCP service. Anyway, see below for why I don't care
that much either way.
We have removed kadmind5 from our source tree and are no
longer tracking bugs in it. As mentioned in a previous press release,
OV graciously donated their admin system to us.It has finally been merged into the tree.
I will certainly confirm that the appropriate entries are in
services.append, and that it deals properly with des-cbc-md5. I already know it creates the principals it needs.
Randall> Thanks, that worked, but I also noticed that I had to
Randall> kinit again before I could use kpasswd. I got the
Randall> following error:
Randall> aria:/usr/local/krb5/bin; ./kpasswd Enter old password:
Randall> Enter new password: Re-enter new password: ./kpasswd:
Randall> error (Password mismatch) reading passwords.
This is very strange. I will confirm I can't get it to happen
with the new admin system.
Randall> : : If you relaly need to get des3 running now, I can
Randall> give you the : necessary incantations; I'm using it and
Randall> it does work once you apply : the SHS endianness patch,
Randall> but you may not be able to use your keys : with future
Randall> releases of Kerberos.
Randall> I would appeciate these "incarnations", thanks! I do not
Randall> care about compatability at this time as I only want to
Randall> run some timing experiments.
Randall> A large goverment agency (outside the university) is
Randall> looking at using Kerberos and encryption across the
Randall> country and wants to know what sort of thruput delays to
Randall> expect with various encryption types.
OK, will do. It'll be coming shortly, but I want to check a few things first.
Randall> Thanks again!
Randall> Randall
