Kerberos with FileZilla
Diego Pignedoli
diego.pignedoli at fastwebnet.it
Sun Jun 17 15:11:07 EDT 2007
Thanks so much, I doubted i had to do a principal for ftp too :)
Now I have the problem i dunno how to do principals!!! I can't find it on
the manual of NIM, any suggestion pls? Which is the command i have to run to
do principals?
Thanks so much.
Diego
----- Original Message -----
From: "Jeffrey Altman" <jaltman at secure-endpoints.com>
To: <diego.pignedoli at fastwebnet.it>
Cc: <kerberos at mit.edu>
Sent: Sunday, June 17, 2007 8:51 PM
Subject: Re: Kerberos with FileZilla
> Diego Pignedoli wrote:
>> The identity is the default identity.
>> I think it's not so easy as I think and I am missing some particular
>> setting.
>> Do I have to create a principal also for the service ftp or only for
>> the identity who is logging?
>>
>> That is what I did:
>> i) I activated ftp server service and set the firewall to permit
>> inbound traffic on ftp ports
>> ii) i installed the NIM and activated the kerberos support service
>> from windows services
>> iii) i did all the settings i have been asked from NIM
>>
>> But when I test the filezilla with gss i get that msg.
>> I am really confused!
>>
>> Diego
> There has to be a service principal for the FTP service. Otherwise,
> there is nothing for the client to authenticate to.
>
> Typically, if the "ftp" service is on the machine "foo.bar.com" in realm
> BAR.COM then the FTP service principal will be
> "ftp/foo.bar.com at BAR.COM". This principal must exist in the BAR.COM
> database and the key for the principal must be installed in the keytab
> configured for use by the FTP service.
>
> Jeffrey Altman
> Secure Endpoints Inc.
>
>
>
More information about the Kerberos
mailing list