[23868] in Kerberos
Key version fun
daemon@ATHENA.MIT.EDU (Ted Kaczmarek)
Wed May 11 07:38:15 2005
Date: Wed, 11 May 2005 07:37:26 -0400
From: Ted Kaczmarek <tedkaz@optonline.net>
To: kerberos@mit.edu
Message-id: <1115811446.2893.11.camel@inyoureyes.linsolutions.com>
MIME-version: 1.0
Content-type: text/plain
Content-transfer-encoding: 7BIT
Reply-To: tedkaz@optonline.net
Errors-To: kerberos-bounces@mit.edu
I can specify a key version when adding a principal, but when adding a
keytab entry the created key's version does not match the created
principals sometimes. It appears that if I delete all keys and host
principals and use --randkey when ank'ing them and enter them in the
same order it will use the same key version number. But, if I add the
principals all with a specified key version , the keytabs created will
not have the same version number specified in the policies.
This appears to be the majority of my kprop issues.
Also, the doc at
http://web.mit.edu/kerberos/www/krb5-1.4/krb5-1.4.1/doc/krb5-
install/Extract-Host-Keytabs-for-the-KDCs.html#Extract%20Host%20Keytabs%
20for%20the%20KDCs
states that each KDC needs a keytab, but it leaves it very vague whether
that keytab includes just the local kdc or all the kdc's. Can someone
clarify this.
Regards,
Ted
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
