Adding principal from client. Is the password exposed ?
Greg Hudson
ghudson at MIT.EDU
Thu Aug 12 10:12:35 EDT 2010
On Thu, 2010-08-12 at 09:04 -0400, Use Nas wrote:
> I am trying to add the principals from the kerberos kadmin client using
> addprinc command. How does the "password" is communicated to KDC from the
> client. I tried iptrace and found that there is no "plain text" password
> which is being send. So, what encryption is being used and how is it
> decrypted on KDC ?
kadmin connections are encrypted using GSSRPC with the krb5 GSS
mechanism.
More information about the krbdev
mailing list