Help with Kerberos authentication process
Greg Hudson
ghudson at MIT.EDU
Wed Nov 14 15:05:33 EST 2012
On 11/14/2012 02:29 PM, Patrick Mutombo wrote:
> I noticed that every time a Linux client initiates an
> authentication request to the KDC, the username is transmitted in clear
> text within the Kerberos AS-REQ packet. Is it normal behavior of the
> Kerberos protocol or should I expect that the username be also hidden?
> Any help on this will be highly appreciated.
This is normal.
It is theoretically possible to mask the username in a krb5 request when
using FAST, but we don't have support for it.
More information about the Kerberos
mailing list