[28731] in Kerberos
Enabling preauthentication on linux kdc
daemon@ATHENA.MIT.EDU (sgouris@gmail.com)
Wed Nov 14 07:30:14 2007
From: sgouris@gmail.com
Date: Wed, 14 Nov 2007 12:15:19 -0000
Message-ID: <1195042519.728190.130960@19g2000hsx.googlegroups.com>
Mime-Version: 1.0
X-Complaints-To: groups-abuse@google.com
Complaints-To: groups-abuse@google.com
To: kerberos@mit.edu
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: kerberos-bounces@mit.edu
Hi,
I have a question regarding enabling kerberos pre-authentication on
linux kdc (kerberos servers). Can somebody please help ? I am not able
to enable this preauthentication on linux kdc.
windows kdc works with preauthencation enabled, such that even if a
kerberos request comes from linux machine the kdc returns KRB-ERROR.
the linux kerberos client then comes back with the required PA-ENC-
TIMESTAMP and is authenticated by KDC. I would like to configure linux
kdc for the same behaviour.
for this on the linux kerberos kdc machine.
I edited /var/kerberos/krb5kdc/kdc.conf
and put this lines
[realms]
NEVISTEST.COM = {
require-preauth = yes
default_principal_flags = +preauth
....
and restarted krb5kdc service
but this doesn't seem to effect the kerberos behaviour in any way and
I am stuck.
please help me with any suggestion/pointers.
Regards
S.Gourisankar
________________________________________________
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
