AFS Token / Kerberos v5 ticket
Remi Ferrand
remi.ferrand at cc.in2p3.fr
Mon Oct 19 11:37:44 EDT 2009
Hi,
I'm trying to find a way to decrypt efficiently an AFS Token created
with "kinit + aklog" in order to access the encrypted data.
Every attempt I made to use the tkt_DecodeTicket5 function was
unsuccessful (this function is supposed to exist for this purpose, isn't
it ?)
My last (and ultimate) idea is to map the AFS Token to a krb5_ticket and
to decrypt it with the krb5_decrypt_tkt_part function.
That's not an easy trick and I would like to know if someone has already
written something about this ....
My questions are :
* Is it possible to map an AFS Token to a krb5_ticket and decrypt it
using krb5_decrypt_tkt_part function ?
The encrypted part of AFS Tokens created with "kinit+aklog" is based
on the krb5_encrypt_tkt_part function so I think that's possible.
* Does anyone have already tried something like this ?
Anyone could help me doing this ?
For sure, any other idea to access the encrypted content of the AFS
Tokens created with "kinit + aklog" are accepted.
Thanks in advance
Remi
--
Remi Ferrand | Institut National de Physique Nucleaire
Tel. +33(0)4.78.93.08.80 | et de Physique des Particules
Fax. +33(0)4.72.69.41.70 | Centre de Calcul - http://cc.in2p3.fr/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 4055 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/kerberos/attachments/20091019/d425dcee/attachment.bin
More information about the Kerberos
mailing list