[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Changing of krbtgt key

To: heimdal-discuss@sics.se
Subject: Changing of krbtgt key
From: Andreas Haupt <ahaupt@ifh.de>
Date: Sat, 11 Oct 2003 15:47:54 +0200 (CEST)
Sender: owner-heimdal-discuss@sics.se

Hello,

I read that it preferable to change the key of the TGS periodically from
time to time for security reasons. But when doing this with Heimdal 0.6
the old key is destroyed at once.

When trying to get a new service ticket with a TGT I got before changing
the TGS key I get the following error message:

krb5_mk_req failed: Key version is not available

Why isn't the old key available any more? AFS KA-Server changed the TGS
key on its own. That's not a feature I must have. But I would like to be
able to change it and not have to do a new kinit.

Greetings
Andreas

-- 
Andreas Haupt         E-Mail: ahaupt@ifh.de
 DESY Zeuthen
 Platanenallee 6
 15738 Zeuthen

Follow-Ups:
- Re: Changing of krbtgt key
  - From: joda@pdc.kth.se (Johan Danielsson)
- KDC not found even after connection was made
  - From: David Komanek <xdavid@lib-eth.natur.cuni.cz>

Prev by Date: Re: Found some strange code
Next by Date: Re: Changing of krbtgt key
Prev by thread: Re: Found some strange code
Next by thread: Re: Changing of krbtgt key
Index(es):
- Date
- Thread