[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Bad encryption length, other problems with 0.5+

To: Brendan Cully <brendan@kublai.com>
Subject: Re: Bad encryption length, other problems with 0.5+
From: Aidan Cully <aidan@kublai.com>
Date: Sun, 13 Apr 2003 19:16:34 -0400
Cc: Love <lha@stacken.kth.se>, Chris Chiappa <griffon+heimdal-discuss@snurgle.org>, heimdal-discuss@sics.se
In-Reply-To: <20030328013405.GA1828@coleridge.kublai.com>
References: <20030327043048.GA14492@lumberjack.snurgle.org> <am3cl8gyd4.fsf@nutcracker.stacken.kth.se> <20030328001601.GE15152@watanabe.kublai.com> <20030328013405.GA1828@coleridge.kublai.com>
Sender: owner-heimdal-discuss@sics.se
User-Agent: Mutt/1.4i

I wrote:
> On Thu, Mar 27, 2003 at 07:16:02PM -0500, Brendan Cully wrote:
> > I believe my brother posted a workaround for this several months ago:
> > 
> > http://www.stacken.kth.se/lists/heimdal-discuss/2002-10/msg00032.html
> 
> That's right, but I continued to have issues with kerberos that I
> never got around to fixing since it was easier just to move to ssh
> over telnet, and no one appeared to be interested anyway.

I (finally) found out what caused kerberos authentication to continue
breaking: keytabs written with the old version of kerberos would,
apparently, include four null bytes in the keyvalue, which again
caused a key length error during the krb5_rd_req.  Creating a new
keytab solved the problem.  Yay!

--aidan

Prev by Date: Memory caches
Next by Date: Re: Memory caches
Prev by thread: Re: Memory caches
Next by thread: Locking of principals after failed logins
Index(es):
- Date
- Thread