keytab file format - exporting arcfour keys from active directory
Tim Alsop
Tim.Alsop at CyberSafe.Com
Mon May 1 17:32:44 EDT 2006
Regarding :
/*
*
* keytab format:
*
* head:
* 0 1 5
* 1 1 VNO 1 or 2
* per entry:
* 0 4 len (excludes len)
* 4 2 count of princ components (pc)
* 6 2 length realm (rl)
* 8 rl realm
* REP *pc {
* 0 2 length nl
* 2 nl name-component
* }
* IF new? {
* xxx 4 name-type
* }
* xxx 4 timestamp
* xxx 1 vno
* {
* 0 2 keytype
* 2 2 keylen
* 4 keylen keydata
* }
* POSSIBLE if length left {
* xxx 4 vno
* }
*/
Is the "keytype" actually the key type, or is it the etype ? I ask this
because I have seen key tables created by various products that have the
etype stored in this field.
Thanks,
Tim
More information about the Kerberos
mailing list