addprinc -randkey broken in 1.7?

Quenenni oximore at gmail.com
Thu Nov 5 23:18:50 EST 2009


On 21 sep, 19:44, Greg Hudson <ghud... at MIT.EDU> wrote:
> On Wed, 2009-09-16 at 23:29 -0400, Greg Hudson wrote:
> > It would be trivial to fix this regression by picking a temporary
> > password which is valid UTF-8 but still contains all five character
> > classes.  I think that will be the best minimal fix for 1.7.1.  For the
> > trunk, time permitting, I will review and apply Marcus Watts's patch,
> > which is a more elegant solution.
>
> Just to close the loop on this, both the minimal fix and the long-term
> fix are checked in.  We don't currently have a scheduled date for 1.7.1;
> the schedule for 1.8 is March 2010 plus or minus three months.
>
> I failed to credit Marcus Watts in my commit of the long-term fix, which
> was adapted from his patch.  Apologies on that count.

Sorry to bring back this topic.

I had the same problem when using
addprinc -policy service -randkey host/xxx.be

My solution for -randkey to work, was to set -minclasses 1 for policy
service.
It was at 3 at the beginning and 2 didn't work aswell.

Found the solution here: http://blogg.cefit.se/

Hope this help.
Kenny

My config: apt-cache show krb5-admin-server

Package: krb5-admin-server
Priority: optional
Section: net
Installed-Size: 288
Maintainer: Sam Hartman <hartmans at debian.org>
Architecture: i386
Source: krb5
Version: 1.7dfsg~beta3-1
Depends: debconf (>= 0.5) | debconf-2.0, libc6 (>= 2.4), libcomerr2
(>= 1.01), libgssapi-krb5-2 (>= 1.6.dfsg.2), libgssrpc4 (>= 1.6.dfsg.
2), libk5crypto3 (>= 1.6.dfsg.2), libkadm5srv6 (>= 1.7dfsg~beta1),
libkdb5-4 (>= 1.7dfsg~alpha1), libkeyutils1, libkrb5-3 (=
1.7dfsg~beta3-1), libkrb5support0 (>= 1.7dfsg~beta2), libss2 (>=
1.01), krb5-kdc, lsb-base (>= 3.0-6)
Filename: pool/main/k/krb5/krb5-admin-server_1.7dfsg~beta3-1_i386.deb



More information about the Kerberos mailing list