mutual authentication

Thomas tom at
Tue Oct 18 06:27:46 EDT 2005

I am new to Kerberos and I'm a bit clue-less about mutual authentication.

I saw the sclient sample application using krb5_sendauth() and reading the
reply from the server. But how is the reply authenticated/verified?

I looked at the code of sendauth() and recvauth() in  src/lib/krb5/krb and
neither found a verification there.

Am I blind? :)

What exactly does the server decrypt and send back to the client, and who is
responsible to verify the reply (client or lib), and how?

Can someone point me to a description of how to use mutual authentication

Thanks a lot.

Tom <tom at>
fingerprint = F055 43E5 1F3C 4F4F 9182  CD59 DBC6 111A 8516 8DBF

More information about the krbdev mailing list