cisco & krb5

[Mihai RUSU]

Hi

I am testing cisco switch authentication configuration with kerberos v5 
server. I succeded in auth against kerberos only if the server "key" is 
des-cbc-crc. If I have a key both des-cbc-crc and des3-hmac-sha1 it doesnt 
seem to work. I will investigate this also on the cisco side (if it can be 
made to use des3-hmac-sha1 keys) but while Im doing that I also wanted to 
know how can I add key entries to a keytab file (which I send it to the 
cisco router for his own auth) only of one key type ? If the generated key 
for a principal is both des3-hmac-sha1 and des-cbc-crc it seems that ktadd 
adds them both to the keytab file. I would need a solution to add only 
des-cbc-crc or a solution to delete one of the keys of the same principal 
in a keytab file.

Thanks!

-- 
Mihai RUSU                                    Email: dizzy at roedu.net
GPG : http://dizzy.roedu.net/dizzy-gpg.txt    WWW: http://dizzy.roedu.net
                       "Linux is obsolete" -- AST