[krbdev.mit.edu #8535] kinit from keytab fails when principal contains a backslash
Anand Patil via RT
rt-comment at krbdev.mit.edu
Fri Jan 6 16:03:40 EST 2017
Reproduction:
1. Create principal with backslash using kadmin.local:
kadmin.local: addprinc anand\\slash at DOMAIN
WARNING: no policy specified for anandslash at DOMAIN; defaulting to no policy
Enter password for principal "anand\\slash at DOMAIN":
Re-enter password for principal "anand\\slash at DOMAIN":
Principal "anand\\slash at DOMAIN" created.
2. Create a keytab for that principal using ktutil:
# ktutil
ktutil: addent -password -p anand\\slash at DOMAIN -k 1 -e des3-cbc-sha1
Password for anand\\slash at DOMAIN:
ktutil: wkt /tmp/slash.keytab
[root at anand-cm-1 ~]# klist -kte /tmp/slash.keytab
Keytab name: FILE:/tmp/slash.keytab
KVNO Timestamp Principal
---- -----------------
--------------------------------------------------------
1 01/06/17 12:53:30 anand\\slash at DOMAIN (des3-cbc-sha1)
3. Try to use that keytab with kinit:
# kinit -k -t /tmp/slash.keytab -p anand\\slash at DOMAIN
kinit: Keytab contains no suitable keys for anandslash at DOMAIN while getting
initial credentials
Thanks!
Anand
More information about the krb5-bugs
mailing list