[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



We add the router to the kerberos database..

 add --random.key host/router.aszi.sztaki.hu

We dump and edit, load  by heimdal.info, so kept des-cbc-crc encryption

We extract the router keytab to /etc/krb5.keytab file
 ext host/router.aszi.sztaki.hu

The krb5.keytab include only host/router.aszi.sztaki.hu.......

After upload it with tftp, as srvtab.
 kerberos srvtab remote tftp://bajusz.iif.hu/srvtab

Router config file:

	kerberos local-realm ASZI.SZTAKI.HU
  >	kerberos srvtab entry host/router.aszi.sztaki.hu@ASZI.SZTAKI.HU 1
	943280386 1 1 8 05>1<:8=:;662<;85
	kerberos server ASZI.SZTAKI.HU
	kerberos credentials forward

	[ Trying mutual KERBEROS5 ... ]
	[ Connection is NOT encrypted ]
	[ Kerberos V5 accepts you as ``szesz@ASZI.SZTAKI.HU'' ]



That`s good procedure?

   Szabolcs Szabo				e-mail : szesz@sztaki.hu
   Computer and Automation Institute            phone  : (361) 349-7532
   H-1132. Budapest, Victor Hugo u 18-22        fax    : (361) 329-7866