Key Managemet bacolod at
Wed Feb 12 13:33:55 EST 2003

2 Key management questions:

1. It is my understanding that client secret keys must not be passed in the clear.  If someone ever gets hold of a clients secret key, what exactly can they do to compromise Kerberos?

2. I'll get to test this soon but until then, does anyone know what might happen in the following scenario:

ATM switch is a Kerberos client
ATM switch secret key needs to be updated
The "most practical" way to update the secret key on the ATM switch is to log onto it via Kerberized (w/ data encryption on) telnet (ssh not available) and perform the ATM switch "Get secret key" function which uses either FTP or HTTP (scp not available) (I'm hoping Kerberized FTP is available).

My question is, what happens to the established Kerberized telnet session when the ATM switch sectret key is updated?

Out of band management would be nice but it isnt very practical in this particular application.

Thanks for any input.


Concerned about your privacy? Follow this link to get
FREE encrypted email: 

Big $$$ to be made with the HushMail Affiliate Program:

More information about the Kerberos mailing list