Hi. I am trying to compile Kerberos v1.17 with LibreSSL 2.9.x, but I
get error messages about not finding the header file 'asn1_mac.h'. In
LibreSSL 2.9.0, that header file was removed. I tried a few obvious
tricks with the #if #include options but encountered other errors. Is
there a patch
Hi,
$Subject.
client use kerberos for authentication,
my question is that is there anything i can do with kerberos server to
reach this object?
Or anything else can be helpful to this case?
thanks
Kerberos mailing list Kerberos@mit.edu
;context, client);
error:
if (ccache != NULL && init_type != INIT_CREDS)
krb5_cc_close(handle->context, ccache);
Regards,
--
Jerry James, Assistant Professor[EMAIL PROTECTED]
Computer Science Department http://www.cs.usu.edu/~jerry/
Utah State University
,
and I shouldn’t try to work around it?
Thank you for your help,
Jerry Shipman
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
corrupted in the copy). It
seems like this would be a bad idea; just checking.
Thanks again,
Jerry
> On Dec 24, 2015, at 12:21 AM, Greg Hudson wrote:
>
> On 12/23/2015 03:50 PM, Jerry Shipman wrote:
>> Is there a way to do what I’m trying to do?
>> Or, is there a reason th
) without
missing anything important? I guess I would lose out on the possibility of
doing incremental propagation.
Thanks again,
Jerry
> On Jan 27, 2016, at 6:43 PM, Russ Allbery wrote:
>
> Jerry Shipman writes:
>
>> It’s me again, who was trying to kprop through
e it doesn't matter.
But I thought it was worth asking.
Thanks for your help,
Jerry Shipman
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
didn't think of.
I don't know if I would be able to implement any of those, even if they are
possible...but, I am curious about whether there are any options.
Thanks a lot,
Jerry Shipman
Kerberos mailing list Kerberos@mit.ed
But, I wondered what the usual way to prevent this is?
Thanks a lot,
Jerry Shipman
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
Is there something reasonable I can do to definitively find out whether the
user's old and new passwords are the same?
Thank you for the help,
Jerry
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
ust
the first one isn't. Sorry for the misinformation.
I think it's not very important, and I can drop it.
Thanks again,
Jerry
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
)?
How can I tell by looking, which ones are the current keys vs the historical
keys? I think the kvno is in there somewhere?
I just want to make sure I am reading this right.
Thank you for your help,
Jerry
Kerberos mailing list Kerber
Hello,
This might be a stupid question, but: can you tell me whether Kerberos works
with unicode in the password? (Maybe: roughly in which version was that added?)
I'm trying to track down a mysterious issue -- this might be one possible
explanation.
Thank you for the help,
.
But experimentally, it does work.
Doing some tcpdumping, I can see it do a DNS lookup to find the KDCs, even
though dns_lookup_kdc is set false.
Perhaps the dns_lookup_kdc only affects realms that are defined in your
[realms] section?
Thank you for your help,
cally (instead of doing the
full database dumps). I can do that and I guess it would work... but it would
be nice to not do that.
Or is there some better idea that we didn't think of?
Thank you again for your help,
Jerry
-Original Message-
From: Greg Hudson
Date: Thursday, Decembe
Aha! This (-x unlockiter) looks like it will solve my immediate problem. Thanks
a lot.
Happy new year!
Jerry
-Original Message-
From: Greg Hudson
Date: Friday, January 3, 2020 at 11:53 AM
To: "Jeremiah E. Shipman" , "kerberos@mit.edu"
Subject: Re: kprop with m
mit.foo.cornell.edu and
b...@foo.cornell.edu are totally different entities! Why would it do
that? Is there a way to turn that off?
Or, more generally... can you help me understand what is going on there?
Thank you!
Jerry
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
got krb5 to compile on Sequent hardware? If so, any
tricks that I should be aware of??
Thanks,
jerry
--
Jerry Heyman 919.224.1442 | IBM SWG/Tivoli Software|"Software is the
Build Infrastructure Architect| 3901 S Miami Blvd | difference between
[EMAIL PROTECTED]| Durham, NC
In article <ae7ssp$fn7$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Jerry Heyman) writes:
>I don't know if this is the right place to ask, so I'll do so (and
>expect corrections).
>
>I've downloaded the source from MIT and have been able to finagle
>configure to wor
On 21 June 2002 at 13:23, Sam Hartman <[EMAIL PROTECTED]> wrote:
> >>>>> "Jerry" == Jerry Heyman <[EMAIL PROTECTED]> writes:
>
> Jerry> I've now confirmed that Dynix/PTX has a bad socket() (and
> Jerry> friends) implementation.
tc/krb5.conf file is the identical file that has been used successfully
for all the other platforms.
# top
shows login.krb5 utilizing 98% CPU - but load isn't showing 100% CPU
utilization, so it must be wait stated. Accumulating time though.
Any pointers/suggestions/ideas would be great
- 1) != '/')
sprintf(utmp_id, "k%s", cp - 1);
else
sprintf(utmp_id, "k0%s", cp);
#endif
strncpy(utx.ut_id, utmp_id, sizeof(utx.ut_id));
>From what I read, kAEy should be the right value for utx.ut_id,
but I'm seeing a much longer string (see
In article <ah74fd$5v4$[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Jerry Heyman) writes:
>In article <[EMAIL PROTECTED]>,
> [EMAIL PROTECTED] (Sam Hartman) writes:
>>I'd step through login in a debugger and see where it hangs. If you
>>cannot do that, then start i
In article <[EMAIL PROTECTED]>,
[EMAIL PROTECTED] (Tom Yu) writes:
>>>>>> "jerry" == Jerry Heyman <[EMAIL PROTECTED]> writes:
>
>jerry> In article <ah74fd$5v4$[EMAIL PROTECTED]>,
>jerry> [EMAIL PROTECTED] (Jerry Heyman) writes:
&
cutter set of instructions on how to force each
of these different OSes to use the login.krb5 binary??
I apologize if this is in the FAQ - I've looked through it, and
haven't found what I was looking for.
jerry
--
Jerry Heyman 919.224.1442 | IBM SWG/Tivoli Software|&qu
x27;ve seen but not had a chance to play with the gssapi module
for proftpd (http://gssmod.sf.net/)
And then there's always the GSSAPI SASL mechanism for things that
support SASL (e.g. OpenLDAP).
Hope this helps.
cheers, jerry
- --
a the KDC and the OS calls to getpwnam(),
et. al. go through NSS and out to LDAP.
Hope this helps. Also you might be interested in the Heimdal+LDAP
setup described at http://padl.com/esearch/Heimdal.html
cheers, jerry
- -
incipal
are unrelated.
cheers, jerry
> On 2-Jul-04, at 8:56 AM, Gerald (Jerry) Carter wrote:
>
> > -BEGIN PGP SIGNED MESSAGE-
> > Hash: SHA1
> >
> > On Thu, 1 Jul 2004, Frederic Medery wrote:
> >
> >> My question is : Do I have to create all the user
://modgssapache.sourceforge.net/
cheers, jerry
- --
Hewlett-Packard- http://www.hp.com
SAMBA Team -- http://www.samba.org
GnuPG Key http://www.plainjoe.org
like you are asking if you can
use the same keytab for multiple OpenLDAP installations.
Sorry if i misunderstood.
cheers, jerry
- -
Alleviating the pain of Windows(tm) --- http://www.samba.org
GnuP
for each
| Matt> person.
|
| The samba client certainly supports Kerberos both for CIFS and LDAP
| operations.
I'm pretty sure this question was about smbd and not
out client code. Our server code only supports simple binds
to LDAP servers currently. It's our our todo list
again).
|>
|>> <> I also tried with "/usr/ccs/bin"in my PATH and it
|> still gives me the same problem.
was /usr/ccs/bin in yoru path when you ran configure ? If not,
then the makefile will still not find 'ar'.
cheers, jerry
- --
ns
sshd_config:
GSSAPICleanupCredentials{yes|no}
ssh_config:
GSSAPIDelegateCredentials {yes|no}
Running 'ssh - {host}' should display enough information for
you to locate the gssapi-with-mic authentication mechanism
in the logs to verify that things are working cor
33 matches
Mail list logo
