How does the user principal know the service

ZongtianHou zongtianhou at icloud.com
Sat Jun 23 14:57:21 EDT 2018


Hi, everyone:
I am a bit confused of the auth process of kerberos. The user principal request the AS for a tgt, then use send the tgt to the TGS to get a ticket. The ticket was encrypted by the service principal key, But how does the TGS know which service principal the user want to access, how the TGS decide use which service principal key to encrypt the ticket so that the ticket can be decrypted by the server? Can someone give me some clue?


More information about the Kerberos mailing list