Enabling preauthentication on linux kdc
sgouris@gmail.com
sgouris at gmail.com
Wed Nov 14 07:15:19 EST 2007
Hi,
I have a question regarding enabling kerberos pre-authentication on
linux kdc (kerberos servers). Can somebody please help ? I am not able
to enable this preauthentication on linux kdc.
windows kdc works with preauthencation enabled, such that even if a
kerberos request comes from linux machine the kdc returns KRB-ERROR.
the linux kerberos client then comes back with the required PA-ENC-
TIMESTAMP and is authenticated by KDC. I would like to configure linux
kdc for the same behaviour.
for this on the linux kerberos kdc machine.
I edited /var/kerberos/krb5kdc/kdc.conf
and put this lines
[realms]
NEVISTEST.COM = {
require-preauth = yes
default_principal_flags = +preauth
....
and restarted krb5kdc service
but this doesn't seem to effect the kerberos behaviour in any way and
I am stuck.
please help me with any suggestion/pointers.
Regards
S.Gourisankar
More information about the Kerberos
mailing list