On 11/02/2017 07:33 PM, Benjamin Kaduk wrote:
> Hmm, could you say a bit more about what version of KfW you're using and
> how you've tried to configure MS-KKDCP? From the release notes, at least,
> it seems that KfW 4.1 should have this support available in some form.
The TLS part of MS-KKDCP (w
It works fine in a copy of Ubuntu running in Linux for Windows on the same
Windows 10 machine.
> On Nov 3, 2017, at 9:53 AM, Charles Hedrick wrote:
>
> Here’s the conversation using tcpdump on the proxy server. The connection
> opens, no data is sent in either direction, and KfW closes it.
>
Here’s the conversation using tcpdump on the proxy server. The connection
opens, no data is sent in either direction, and KfW closes it.
In case it matters, KfW is running in Windows 10 Fall Creator’s Update in a VM
on a Mac.
tcpdump: verbose output suppressed, use -v or -vv for full protocol d
I’m using KfW 4.1. Since there’s no documentation on krb5.ini, I used the same
syntax as for krb5.conf
kdc = https://services.cs.rutgers.edu/KdcProxy
I’m not using http_anchor, since we have a commercial cert, and other
implementations don’t need us to specify a CA cert.
The error message say
On Wed, Nov 01, 2017 at 10:30:36PM +, Charles Hedrick wrote:
>
> I’ll try agian. Also KfW doesn’t seem to implement kdc proxy. I’d prefer not
> to open my kdc to the world. I’m currrently using the Proxy for home use.
Hmm, could you say a bit more about what version of KfW you're using and
h
I’ll try agian. Also KfW doesn’t seem to implement kdc proxy. I’d prefer not to
open my kdc to the world. I’m currrently using the Proxy for home use.
> On Nov 1, 2017, at 2:30:55 PM, Benjamin Kaduk wrote:
>
> On Wed, Nov 01, 2017 at 06:06:23PM +, Charles Hedrick wrote:
>>
>> My problem w
On Wed, Nov 01, 2017 at 06:06:23PM +, Charles Hedrick wrote:
>
> My problem with KfW is more serious: I can’t get putty to see the tickets.
> That makes it of no real use to me. I’m going to try installing Ubuntu on
> Windows.
I was able to reliably get putty working with GSSAPI/Kerberos wh
You could issue a machine-specific key table, and then use a script that does
kinit from the key table, then kinit -T pointing to the resulting credentials
cache. I have verified the KfW kinit -T works.
We use OTP on Linux. I can’t get FAST/PKINIT to work there either. I have a
kerberized servi
On Mon, Oct 30, 2017 at 9:11 PM, Benjamin Kaduk wrote:
> On Mon, Oct 30, 2017 at 09:05:10AM -0700, Pallissard, Matthew wrote:
> > > any ideas how to implement OTP for Windows with MIT kerberos client?
> possible?
> >
> > I don't know if KFW 4.1 supports OTP but what I do know is that in the
> pas
On Mon, 30 Oct 2017 09:05:10 -0700
"Pallissard, Matthew" wrote:
> > any ideas how to implement OTP for Windows with MIT kerberos
> > client? possible?
>
> I don't know if KFW 4.1 supports OTP but what I do know is that in
> the past I couldn't get PKINIT working with KFW. I had to implement
>
thanks for your notes and direction
Oleksandr Yermolenko
On Mon, 30 Oct 2017 20:11:25 -0500
Benjamin Kaduk wrote:
> On Mon, Oct 30, 2017 at 09:05:10AM -0700, Pallissard, Matthew wrote:
> > > any ideas how to implement OTP for Windows with MIT kerberos
> > > client? possible?
> >
> > I don't
On Mon, Oct 30, 2017 at 09:05:10AM -0700, Pallissard, Matthew wrote:
> > any ideas how to implement OTP for Windows with MIT kerberos client?
> > possible?
>
> I don't know if KFW 4.1 supports OTP but what I do know is that in the past I
> couldn't get PKINIT working with KFW. I had to implement
> any ideas how to implement OTP for Windows with MIT kerberos client? possible?
I don't know if KFW 4.1 supports OTP but what I do know is that in the past I
couldn't get PKINIT working with KFW. I had to implement heimdal on the client
end.
https://www.mail-archive.com/kfwdev@mit.edu/msg00822
Hi all,
I'm trying to configure a Windows 7 workstation to do OTP preauth.
I've installed MIT Kerberos for Windows 4.1, put krb5.ini as for linux
and ... of course obtain the error "Generic preauthentication
failure". FAST/PKINIT anonymous unsupported ...
any ideas how to implement OTP for Windo
14 matches
Mail list logo
