[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: more q's on multiple salted keys kaserver and afs

On 07/14/00 13:49:55 +0200 Leif Johansson <leifj@it.su.se> wrote:
| 2. I am setting up an afs-cell and am sadly unable to get klog (or
| klog.krb) to work with heimdal kdc w kaserver support -- getting
|     "password incorrect". I think I need klog to work be able to get
|     win32 transarc clients to play  nice (kauth/afslog works ok with
|     afs3.6 on uni*es btw) ... I suspect the  problem is that my
|     principals lack afs3 salted keys. How does that theory  sound?

Correct; I had to patch our kadmind to force AFS3-salted passwords (which 
patch will hopefully be obsoleted by Derrick's), as otherwise anyone who 
changed their password lost the ability to use klog when the new password 
ended up with pw-salt.

brandon s. allbery     [os/2][linux][solaris][japh]    allbery@kf8nh.apk.net
system administrator        [WAY too many hats]          allbery@ece.cmu.edu
electrical & computer engineering                                      KF8NH
carnegie mellon university      ["better check the oblivious first" -ke6sls]