BC-SNC, MIT Kerberos V, SSO, GSS-API v2
Calin Barbat
c.barbat at osram.de
Wed Sep 8 04:36:34 EDT 2004
Hello,
Norbert, you were right. I just tried to play around (locally) with the
sserver/sclient from krb5-1.3.4/src/appl/sample and I got the following
messages:
In /var/log/messages something like:
sserver: recvauth failed--Software caused connection abort
And from sclient:
connected
./sclient: Ticket expired while using sendauth
I used following commands:
./sserver -p 8888 -s host/<myhost>.<mydomain2>.<mydomain1>.de -S
/etc/krb5.keytab
and
./sclient <myhost>.<mydomain2>.<mydomain1>.de 8888
host/<myhost>.<mydomain2>.<mydomain1>.de
Any idea about the cause of this behaviour?
Calin.
Norbert Klasen wrote:
> some hints you might want to try:
> - use MIT Kerberos 1.3.x. It implements the native Windows enctype
> arcfour-hmac-md5 and supports TCP to connect to the KDC. (unlikely)
> - test if you can successfully establish a GSSAPI connection between your
> Windows workstation and your Unix server with gss-client and gss-server
> (Windows versions are included in the KfW package).
>
> Norbert
>
More information about the Kerberos
mailing list