Need help interpreting krb5kdc log file, specifically etypes definitions

alextc@microsoft.com alextc at microsoft.com
Tue Jul 18 09:25:24 EDT 2006


Jeffrey Altman wrote:
> alextc at microsoft.com wrote:
>
> >> RFC 4120
> >> http://www.ietf.org/rfc/rfc4120.txt
> >
> > Thanks for the response.
> > Could you, please, provide the section of the document where I could
> > find such a table.
> > I read through RFC but was not able to find the required information.
> > As a matter of fact, when I did a search of the entire document for
> > "RC4", hoping to find the corresponding int key, I found only a single
> > match, which was not really relelevant to the information I am looking
> > for.
> > Thanks in advance.
> > Alex.
>
> RFC 3961 Section 8
> http://www.ietf.org/rfc/rfc3961.txt

Thanks a lot.
I have one more question, regarding the negative values in my krb5kdc.
So if I look at the entry in the log:
Jul 17 11:19:57 rh01.mit.contoso.com krb5kdc[1864](info): TGS_REQ (7
etypes {23 -133 -128 3 1 24 -135}) 192.168.15.103: ISSUE: authtime
1153149597, etypes {rep=
23 tkt=23 ses=23},
By looking at the table in RFC 3961 I know that the issued token was
encrypted with RC4, but when I look at the etypes proposed by the
client (etypes {23 -133 -128 3 1 24 -135})  I see some negative values
that are not in the RFC 3961 table. The client is Windows XP
workstation SP2. Does anybody know what those negative values
represent?
Thanks.
Alex.




More information about the Kerberos mailing list