Encryption key type order w. windows auth?
Jeffrey Hutzelman
jhutz at cmu.edu
Thu Jun 17 20:22:10 EDT 2004
On Thursday, June 17, 2004 18:27:42 -0400 David Botsch
<dwb7 at ccmr.cornell.edu> wrote:
> I've found that windows seems to somehow care about the order of the
> key/salt types in the principal.
> Key: vno 11, DES cbc mode with CRC-32, AFS version 3
This isn't just a different salt string; it's actually a different
string-to-key algorithm. And Windows doesn't know about it. That means it
will never be able to come up with this key.
You should not depend on the "ordering" you're seeing here; logically, it's
an unordered set. If you have Windows users, they will need to not have
AFS-salted keys.
-- Jeffrey T. Hutzelman (N3NHS) <jhutz+ at cmu.edu>
Sr. Research Systems Programmer
School of Computer Science - Research Computing Facility
Carnegie Mellon University - Pittsburgh, PA
More information about the Kerberos
mailing list