Proof of authenticity of TGT

Olfmatic olfmatic at
Tue Aug 22 05:50:02 EDT 2006


as my service is not part of the Kerberos realm, I am not able to acquire a service ticket for it. My next thought is to use the TGT for authentication at the service.
How can this be done? Is the TGT signed with a KDC secret? How can this be obtained from the KDC? If I had the KDC's master key, the TGT is encrypted with, I could give it to my service so it can proof the authenticity of the TGT passed to it by my client.

Is this possible?

Thank you for any help.

More information about the Kerberos mailing list