Hi,
my application tries to acquire a GSS credential with a client keytab:
$ KRB_CLIENT_KTNAME=$HOME/client.keytab app
No credential is obtained. At that time, the credential was already
expired. I turned on KRB5_DEBUG and saw that the KRB5 lib checks the
credential cache and stops right there
> On 07/29/2014 04:50 PM, Michael Osipov wrote:
> > my application tries to acquire a GSS credential with a client keytab:
> >
> > $ KRB_CLIENT_KTNAME=$HOME/client.keytab app
>
> The environment variable is KRB5_CLIENT_KTNAME, not KRB_CLIENT_KTNAME.
> Did you use th
Am 2014-07-30 um 16:25 schrieb Greg Hudson:
> On 07/30/2014 02:34 AM, Michael Osipov wrote:
>> If I understood you correctly, the API makes a difference here. By hand or by
>> cient keytab. The problem is that one has sometimes no control over, even
>> worse
>> I cann
> On 07/30/2014 05:52 PM, Michael Osipov wrote:
> > 1. I am used to work over SSH with Subversion and Git over a SPNEGO
> > protected proxy and/or with our HTTP served repositories, protected by
> > SPNEGO too. Sometimes I do a kinit with my password but sometimes I simply
Am 2014-07-31 um 17:52 schrieb Greg Hudson:
> On 07/31/2014 03:24 AM, Michael Osipov wrote:
>> That sounds reasonable and should solve the issue. Albeit, I do think that
>> the detection
>> algorithm could be better and pursue a best-effort/match/seldom-fail
>> appr
Hi,
I have made several improvements to the build files, especially for HP-UX 11 on
IA64.
Where is the best place to discuss then? This list or rather dev@?
Michael
Kerberos mailing list Kerberos@mit.edu
https://mailman.mit.edu/mailman/
Am 2014-08-11 um 16:02 schrieb Greg Hudson:
> On 08/11/2014 03:40 AM, Michael Osipov wrote:
>> I have made several improvements to the build files, especially for HP-UX 11
>> on IA64.
>>
>> Where is the best place to discuss then? This list or rather dev@?
>
> I
Hi,
I just recently tried kinit -E with my corporate enterprise pricipal name
and was wondering about the format (kinit, klist):
michael.osipov\@company@realm1.company.net
As far as I understand ENT PRINC and RFC 6806, isn't that supposed to be
free of real realm names? I assumed to see
mic
Hi,
I am trying to compile version 1.12.1 on HP-UX and are not able to
swap/change the default linker.
I have set LD="ld +n" but it does not get picked up by the configure
script. (Yes, I know there is LDFLAGS for "+n" but that's not the point.)
Having looked at shlib.conf, I noticed this:
~/
Am 2014-05-29 19:35, schrieb squidmob...@fastmail.fm:
> 29 may 2014
>
> greetings,
>
> many thanks to michael.
>
>> Simply compile a recent version of MIT Kerberos, re-link your
>> application and then do:
>
>> $ export KRB5_CLIENT_KTNAME= # e.g. $HOME/client.keytab
>> $ app-with-gssapi-calls # in
10 matches
Mail list logo
