Presence/absence of the keytab
Richard E. Silverman
res at qoxp.net
Thu May 4 03:38:27 EDT 2006
>>>>> "SL" == Scott Lowe <slowe at eplus.com> writes:
SL> Yesterday, however, I was able to successfully authenticate via
SL> Kerberos from VMware ESX Server 2.5.3 (the console operating
SL> system is Linux-based) *without* generating a keytab. This seems
SL> to fly in the face of all the information and instructions I've
SL> seen.
SL> So, I'm curious...any thoughts as to why this worked?
A keytab is needed for a host on which a kerberized service runs; it holds
the service princpal's secret key, which the service software needs.
You don't need anything special on a host to allow someone to "kinit" on
it. The only secret needed is your password.
--
Richard Silverman
res at qoxp.net
More information about the Kerberos
mailing list