Establish FAST encrypted channel between linux client and windows server
Faisal Ali
faisal.ali.101 at gmail.com
Mon Feb 9 08:55:17 EST 2015
I am trying to setup windows server for FAST encrypted channel support to
test OTP pre authentication in kerberos.
I have already tested on linux machine by deploying KDC using krb5-1.12.1
source code, freeradius server and using keytab of service principal to
receive armor ccache to be used to establish FAST encrypted channel between
client and KDC.
I have setup windows server 2012 for kerberos, and added support for "KDC
support for claims, compound authentication and Kerberos armoring" policy
on it. I can receive TGT for service principal. But, when I execute the
command "kinit -T <armor-cache> <principal>", KDC does not reply with any
padata and no FAST encrypted channel is established (observed through
wireshark log and Kerberos library logs).
Is it possible to establish a FAST encrypted channel between linux client
and Windows AD? Have I missed any setting?
More information about the Kerberos
mailing list