Problem writing keyblock to krb5.keytab w/keytab binary format.
raeburn at MIT.EDU
Wed Jul 15 15:16:40 EDT 2009
On Jul 15, 2009, at 12:36, kerberos at noopy.org wrote:
> In my DES calls I:
> - pad and convert the salt from string to unsigned long to byte.
> - use the converted salt as the key and initialization vector.
> - use a cipher mode of CBC.
> - write password to crypto stream.
> - return array of bytes that reflect my encrypted key.
> - binary write keyblock to new.keytab.
This is not the mechanism Kerberos uses for generating a DES key from
a password and salt. Check RFC 3961, particularly section 6.2.
Ken Raeburn / raeburn at mit.edu / no longer at MIT Kerberos Consortium
More information about the Kerberos