To verify the Keyversion number of Keytab
jaltman at secure-endpoints.com
Wed Jan 16 18:29:00 EST 2008
> The Kerberos packets can be captred by ethereal and then we can observe the
> Keyversion(kvno) of Keytab.
> If the KDC is Windows2003 and on running the kinit if we get the error as
> sendauth rejected, error reply is:
> "Key version number for principal in key table is incorrect"
> If the captured packets on ethereal are encrypted in the tcp form.Then how
> can we know the Keyversion number of the Keytab we are using?
The kvno is not encrypted. If it were, the receiving service would not
know which key to use to decrypt the incoming message.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3355 bytes
Desc: S/MIME Cryptographic Signature
Url : http://mailman.mit.edu/pipermail/krbdev/attachments/20080116/e632a17f/attachment.bin
More information about the krbdev