[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Propagating MIT-Kerberos Database to Heimdal KDC
Friedrich Delgado Friedrichs <firstname.lastname@example.org> writes:
> However, if I create /var/heimdal/m-key on the heimdal host with
> kstash, the first six bytes are:
> 0205 0000 4800
This is normal. The heimdal stash file is just keytab. MIT uses a
I'll try to have a look at this. I guess this might something to do
with 3des and key derivation.
> Another point strikes me: I've read somewhere that it's possible to
> use the MIT-Kerberos Master-Key unchanged. However the principal for
> the Master-Key is called "default" in heimdal and "K/M" in MIT
The K/M principal is used to verify that the master key is correct. We
don't really have any such feature. The default principal is used for
default values for new principals.
> Is there any place I can find detailed documentation on the subject?
Eh, probably not. Use the source, but I guess you didn't want to hear