Kerberos5 Problems Any Suggesstions??
Adusumilli Neelima
neelima at students.iiit.net
Sun Feb 29 05:11:29 EST 2004
Hi all,
I'm new to Kerberos and I'm facing some problems after
installation which are as follows:
1) I installed Kerberos(krb5-1.3.2) from source code, and I have seen that
aes is also implemented in it. I tried to change 'default_tkt_enctypes'
and 'default_tgs_encrypes' entries in /etc/krb5.conf from 'des-cbc-crc' to
some other type mentioned in krb5-1.3.2/src/lib/crypto/etypes.c . But no
other encryption method is working (I want to use AES in my Kerberos
encryption methods). Do I need to make any other configuration changes for
making AES to work?
2) I installed both the server and client in the same machine and when I
tried to telnet, it connects through Kerberos. But later I changed the
password for my login. Now Kerberos telnet works when I supply Kerberos
KDC password. When the other password is provided, it gets connected
through ordinary telnet. And then I tried to sniff the packets of Kerberos
Telnet, they were not encrypted. Encryption is not called anywhere except
for the functions like 'kadmin', etc. How do I enable Encryption for
telnet or ftp like modules? Or am I not able to understand the working of
Kerberos itself??
3) I'm planning to embed IDEA instead of AES/DES in Kerberos. I have
already written the code for the implementation of IDEA. All that I am
left with is to include the IDEA into Kerberos. Can anyone provide me with
the basic steps required to do that? Any help is grateful because I have
to make it work in another week.(Do I need to ask this in krbdev mailing
list??)
Thank you,
Neelima
More information about the Kerberos
mailing list