[16047] in Kerberos_V5_Development
Re: Adding principal from client. Is the password exposed ?
daemon@ATHENA.MIT.EDU (Greg Hudson)
Thu Aug 12 10:12:39 2010
From: Greg Hudson <ghudson@mit.edu>
To: Use Nas <usenas@gmail.com>
In-Reply-To: <AANLkTikN4LjMVopuEJJvoN-+GkVP4UCuJ5zwwGWAeVcJ@mail.gmail.com>
Date: Thu, 12 Aug 2010 10:12:35 -0400
Message-ID: <1281622355.8066.823.camel@ray>
Mime-Version: 1.0
Cc: "krbdev@mit.edu" <krbdev@mit.edu>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: krbdev-bounces@mit.edu
On Thu, 2010-08-12 at 09:04 -0400, Use Nas wrote:
> I am trying to add the principals from the kerberos kadmin client using
> addprinc command. How does the "password" is communicated to KDC from the
> client. I tried iptrace and found that there is no "plain text" password
> which is being send. So, what encryption is being used and how is it
> decrypted on KDC ?
kadmin connections are encrypted using GSSRPC with the krb5 GSS
mechanism.
_______________________________________________
krbdev mailing list krbdev@mit.edu
https://mailman.mit.edu/mailman/listinfo/krbdev
