Arati Desai <[EMAIL PROTECTED]> writes:

> I have a kerb5 setup with MIT KDC and heimdal client
> APIs to perform kerb5 authentication. I have created
> principals without specifying any keysaltlist. A
> keytab is created by running ktadd. klist shows-

> -bash2-2.05b$ sudo ktutil -k
> /tmp/osqa2.domain.com.keytab list
> /tmp/osqa2.domain.com:

> Vno  Type           Principal
>   5  des3-cbc-sha1  imap/[EMAIL PROTECTED]
>   5  des-cbc-crc    imap/[EMAIL PROTECTED]

> (Note: I have replace domain with actual domain name)

> With this keytab, heimdal client gives authentication
> failure. When I debugged the code I found that it is
> failing in verify_checksum function.

Read the COMPATIBILITY section of the gssapi(3) man page.  Could that be
your problem?

-- 
Russ Allbery ([EMAIL PROTECTED])             <http://www.eyrie.org/~eagle/>
________________________________________________
Kerberos mailing list           [email protected]
https://mailman.mit.edu/mailman/listinfo/kerberos

Reply via email to