keytab to krb5_creds?
Russ Allbery
rra at stanford.edu
Fri Jan 28 17:00:17 EST 2011
John Hascall <john at iastate.edu> writes:
> It seems to me that one ought to be able to construct a krb5_creds
> struct given a keytab (and the princ name you want from it)? [probably
> re-inventing a number of wheels due to non-publically visible functions]
The kimpersonate tool that comes with Heimdal does essentially this. Per
the man page:
The kimpersonate program creates a "fake" ticket using the
service-key of the service. The service key can be read from a
Kerberos 5 keytab, AFS KeyFile or (if compiled with support for
Kerberos 4) a Kerberos 4 srvtab.
--
Russ Allbery (rra at stanford.edu) <http://www.eyrie.org/~eagle/>
More information about the Kerberos
mailing list