On Tue, Mar 21, 2017 at 4:23 PM, chen dong wrote:
> I am not sure that my statement is right here. If I am wrong, please
> correct me.
>
> As Kerberos protocol works atop of TCP protocol. Kerberos protocol has its
> own different implementation such MIT Kerberos. And on top of Kerberos,
> there i
Simo, thanks for this detailed explanation. I think my general
understanding of the protocols was accurate (although I may have not
portrayed that earlier) and now I have a better understanding overall.
Thanks again,
Joshua Schaeffer
On Mon, Mar 27, 2017 at 10:05 AM, Simo Sorce wrote:
> On
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
6D56: kdb5_stash (kdb5_stash.c:110)
==16389==by 0x4048F1: main (kdb5_util.c:346)
==16389== Address 0x2 is not stack'd, malloc'd or (recently) free'd
==16389==
==16389==
==16389== Process terminating with default action of signal 11 (SIGSEGV)
[...]
NULL p
er that directory.
I've searched my entire system for a file called "stash" (that's what KRB5
creates when you add the -s, right?) and I can't find anything. I guess I need
to do more debugging on this too to see why it isn't actually creating the
stash f
".k5.". The key_stash_file profile
> variable in the kdc.conf realm subsection can be used to override the
> filename.
This is good to know, thanks.
Thanks,
Joshua Schaeffer
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/listinfo/kerberos
On 07/19/2017 06:54 PM, Greg Hudson wrote:
> On 07/19/2017 08:22 PM, Joshua Schaeffer wrote:
>> * Do you know if ldap_kdc_dn needs read rights to the krbPrincipalKey
>> attribute?
> It does. The KDC is the primary user of principal long-term keys; it
> uses them to veri
