[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

=?gb2312?q?=BB=D8=B8=B4=A3=BA=20Re:=20=BB=D8=B8=B4=A3=BA=20Re:=20=BB=D8?==?gb2312?q?=B8=B4=A3=BA=20Re:=20kerberos=20setup,=20basic=20questions?=



Thanks for Brandon, Harald and Joakim's advice.
I tried and got krb5.keytab successfully.

But it is so strange that when i run heimdal's telnet
on kerberosC to connect heimdal's telnetd on
kerberosKDC, it seems that the connection was not
kerberosized, as following:

[root@kerberosC bin]# ./telnet 192.168.0.30
Trying 192.168.0.30...
Connected to 192.168.0.30.
Escape character is '^]'.
Waiting for encryption to be negotiated...

*** Connection not encrypted! Communication may be
eavesdropped. ***
Encryption negotiated.
Password: 

My question is:
1. Are there some parameters of the command "./telnet"
for kerberos connection? As mentioned above, it may be
a non-kerberos connection.
2. When i run kinit on kerberosC, the clinet got
TGT.(The captured packages are AS-REQ and AS-REP). And
When to get TGS? Does "TGS-REQ to TGS-REQ exchange"
happen when I run heimal's telnet on kerberosC?

Thanks

Wang Yue

--- "Brandon S. Allbery KF8NH"
<allbery@ece.cmu.edu>д:

> 
> On 2008 Jul 2, at 7:39, h wrote:
> 
> > 5. create a principal and makes krb5.keytab on
> > kerberosKDC
> > kadmin> add -r host/kerberosKDC.WEDGIE.ORG
> > kadmin: connect(192.168.0.30): Connection refused
> 
> Did you start kadmind on kerberosKDC?
> 
> > snuffy:501 Z$ bos status e-xing -long
> (...)
> > Instance kdc, (type is simple) currently running
> normally.
> >     Process last started at Wed Jul  2 01:17:33
> 2008 (4 proc starts)
> >     Last exit at Wed Jul  2 01:17:33 2008
> >     Command 1 is '/usr/local/libexec/kdc'
> >
> > Instance kadmind, (type is simple) currently
> running normally.
> >     Process last started at Sun Jun 29 03:30:19
> 2008 (1 proc starts)
> >     Command 1 is '/usr/local/libexec/kadmind'
> >
> > Instance iprop-m, (type is simple) has core file,
> currently running  
> > normally.
> >     Process last started at Sun Jun 29 03:30:19
> 2008 (1 proc starts)
> >     Command 1 is
> '/usr/local/libexec/ipropd-master'
> >
> > Instance kpasswd, (type is simple) currently
> running normally.
> >     Process last started at Sun Jun 29 03:30:19
> 2008 (1 proc starts)
> >     Command 1 is '/usr/local/libexec/kpasswdd'
> >
> > Instance kdcbackup, (type is cron) currently
> running normally.
> >     Auxiliary status is: run next at Wed Jul  2
> 18:06:00 2008.
> >     Process last started at Tue Jul  1 18:06:44
> 2008 (3 proc starts)
> >     Last exit at Tue Jul  1 18:06:52 2008
> >     Command 1 is '/var/heimdal/kdcbackup.sh'
> >     Command 2 is '18:06'
> >
> > Instance kpasswd464, (type is simple) currently
> running normally.
> >     Process last started at Sun Jun 29 03:30:19
> 2008 (1 proc starts)
> >     Command 1 is '/usr/local/libexec/kpasswdd
> --port=464'
> 
> 
> 
> -- 
> brandon s. allbery
> [solaris,freebsd,perl,pugs,haskell]
> allbery@kf8nh.com
> system administrator [openafs,heimdal,too many hats]
> allbery@ece.cmu.edu
> electrical and computer engineering, carnegie mellon
> university    KF8NH
> 
> 
> 



      ___________________________________________________________ 
 Ż䣬䣡 
http://cn.mail.yahoo.com/