[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: more q's on multiple salted keys kaserver and afs -- possible kdc bug?

To: Miroslav Ruda <ruda@ics.muni.cz>
Subject: Re: more q's on multiple salted keys kaserver and afs -- possible kdc bug?
From: Leif Johansson <leifj@it.su.se>
Date: Mon, 17 Jul 2000 15:59:21 +0200
cc: heimdal-discuss@sics.se
In-Reply-To: Message from Miroslav Ruda <ruda@ics.muni.cz> of "Mon, 17 Jul 2000 14:41:31 +0200." <200007171241.e6HCfVO05453@erebor.ics.muni.cz>
Sender: owner-heimdal-discuss@sics.se



> I would sugest to patch kdc to support both v4 and v5 salt for des key.
> 
>                      Mirek Ruda

The patch in question supposedly adds all possible salts and non-salts for
all new keys (chpasswd or new principals) which is probably what you want.

However I have more information indicating a possible bug in kdc/kaserver
(or as usual in your truly :-). Exasperated I tried to remake myself with

[kadmin]
	default_keys = des:pw-salt: afs3-salt:su.se

Then both the NT client and the transarc unix klog work! If I then redo 
myself with what I would consider the "right" set of keys/salts

[kadmin]
	default_keys = v5 des:pw-salt: afs3-salt:su.se

then nothing works (except for arla klog and heimdal kauth which always seem 
to work). It would seem like kaserver picks the wrong des keys and only gets 
it right when there are no other keys to choose from... I'm sorry if this is
a bit confused ...

	MVH leifj

References:
- Re: more q's on multiple salted keys kaserver and afs
  - From: Miroslav Ruda <ruda@ics.muni.cz>

Prev by Date: Re: more q's on multiple salted keys kaserver and afs
Next by Date: Re: more q's on multiple salted keys kaserver and afs
Prev by thread: Re: more q's on multiple salted keys kaserver and afs
Next by thread: Re: more q's on multiple salted keys kaserver and afs
Index(es):
- Date
- Thread