[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: mixing heimdal an MIT kerberos V
Alberto Patino writes:
> Im using Heimdal 0.5.1 as our kdc on Solaris and HPUX.
> pam_krb5 from SOLARIS is working and we are using the OPEN SOURCE
> version of pam_krb5 to work with HP-UX.
>
>
> I have kerberized NFS, SMB (Samba 3.0) ssh, ftp and telnet services
> working against Heimdal.
>
> One comment, SOLARIS uses /etc/krb5/krb5.conf and /etc/krb5/krb5.keytab
> conf files, but Heimdal uses
> /etc/krb5.conf and /etc/krb5.keytab files !!
Yes I know that but how do you create keytab files. Are you using heimdal
tools or Solaris. What enctype are yoy using ?
>
> Alberto Patino
>
>
> Gunnar Gunnarsson wrote:
>
> >I'm running a heimdal version 0.5.1 as a kdc. Can I support solaris
> >clients running Sun implementation of MIT kerberos ? According to
> >Sun it's compatible with MIT 1.2.5.
> >Clients such as kinit works but listing keytab files with solaris version of
> >ktutil made by heimdal doesn't work. Neither does solaris pam_krb5 module
> >work with heimdal keytab files.
> >
> ># /usr/bin/ktutil
> >ktutil: rkt krb5.keytab
> >ktutil: list
> >slot KVNO Principal
> >---- ---- --------------------------------------------------------------------------
> > 1 1 host/aries.netia.se@NETIA.SE
> > 2 1 host/aries.netia.se@NETIA.SE
> > 3 1 host/aries.netia.se@NETIA.SE
> > 4 1 host/aries.netia.se@NETIA.SE
> >
> ># /usr/heimdal/sbin/ktutil list
> >FILE:/etc/krb5.keytab:
> >
> >Vno Type Principal
> > 1 des-cbc-crc host/aries.netia.se@NETIA.SE
> > 1 des-cbc-md4 host/aries.netia.se@NETIA.SE
> > 1 des-cbc-md5 host/aries.netia.se@NETIA.SE
> > 1 des3-cbc-sha1 host/aries.netia.se@NETIA.SE
> >
> >krb4:/etc/srvtab:
> >
> >Vno Type Principal
> > 1 des-cbc-md5 host/aries.netia.se@NETIA.SE
> > 1 des-cbc-md4 host/aries.netia.se@NETIA.SE
> > 1 des-cbc-crc host/aries.netia.se@NETIA.SE
> >
>