Need help interpreting krb5kdc log file, specifically etypes definitions

alextc@microsoft.com alextc at microsoft.com
Mon Jul 17 16:45:57 EDT 2006


Jeffrey Altman wrote:
> alextc at microsoft.com wrote:
> > Hi,
> > I successfully established trust relationship between MIT Realm and AD
> > on Windows 2003 SP1. I would like to make sure that RC4 encryption is
> > in fact being used.
> > I believe that I should be able to get this information from the
> > krb5kdc log, but having some difficulties interpreting the etypes
> > definitions. Could somebody, please, provide explanation on the meaning
> > of such messages:
> > Jul 17 11:19:57 rh01.mit.contoso.com krb5kdc[1864](info): TGS_REQ (7
> > etypes {23 -133 -128 3 1 24 -135}) 192.168.15.103: ISSUE: authtime
> > 1153149597, etypes {rep=
> > 23 tkt=23 ses=23}, jdoe at MIT.CONTOSO.COM for
> > krbtgt/MIT.CONTOSO.COM at MIT.CONTOSO.COM
> > In this message etypes are defined as numbers. Is there a table
> > somewhere that would allow me to translate numbers to encryption types?
> > Or may be there is another way to tell?
> > Thanks.
> > Alex
>
> RFC 4120
> http://www.ietf.org/rfc/rfc4120.txt

Thanks for the response.
Could you, please, provide the section of the document where I could
find such a table.
I read through RFC but was not able to find the required information.
As a matter of fact, when I did a search of the entire document for
"RC4", hoping to find the corresponding int key, I found only a single
match, which was not really relelevant to the information I am looking
for.
Thanks in advance.
Alex.




More information about the Kerberos mailing list