[1561] in Kerberos
V4 to V5 conversion
daemon@ATHENA.MIT.EDU (Dec-Glenn NoI Machin)
Thu Sep 19 19:53:54 1991
Date: Thu, 19 Sep 91 16:53:06 MDT
From: gmachin@somnet.sandia.gov (Dec-Glenn NoI Machin)
To: kerberos@ATHENA.MIT.EDU
Here at Sandia we are using kerberos v4 applications to access
facilities within our central site. A real rough estimate of nodes
are 500 of which 200 have kerberos user commands and "kerberized"
application clients. Some nodes outside the central site run
"kerberized" application servers, but the predominate use for
kerberos is for access to the central site facilties.
We would like to convert to kerberos v5, so that we can take advantage
of preauthentication/proxy/multiple ethernet interfaces etc. The V5 KDC
will accept v4 and v5 kinit requests and reply back with the appropriate
version of the ticket. The problem appears to be v4 clients talking to
v5 servers and vice versa. It appears to me ( and I hope I just missed
the boat ) that krb_sendauth() will not communicate krb5_recvauth(), and
krb_recvauth() will not communicate with krb5_sendauth().
If this is true then our 200+ nodes and our central site servers must
convert to V5 at the same time. If someone can point out to me where
I went wrong, and how I can get a V4 client to talk to a V5 server I would
greatly appreciate it.
Glenn Machin : Sandia Natl Labs
.
