Importing data?

Jason L Tibbitts III tibbs at math.uh.edu
Thu Jan 12 18:43:27 EST 2006


>>>>> "JH" == Jeffrey Hutzelman <jhutz at cmu.edu> writes:

JH> Well, the problem is that entries in NIS or in UNIX password files
JH> don't contain the password; they contain a one-way hash of the
JH> password.  Without some fairly time-expensive cryptographic
JH> attacks, you can't recover the actual password, which is needed to
JH> add keys to the Kerberos database.

If you use PAM, there is the pam_krb5_migrate module which is supposed
to stuff the password into the Kerberos database when a user
authenticates against whatever system you are currently using.
Unfortunately I never figured out quite how to make it work, but then
I'm far from an expert in either PAM or Kerberos.

 - J<



More information about the Kerberos mailing list