Adding principal from client. Is the password exposed ?

Greg Hudson ghudson at MIT.EDU
Thu Aug 12 10:12:35 EDT 2010

On Thu, 2010-08-12 at 09:04 -0400, Use Nas wrote:
> I am trying to add the principals from the kerberos kadmin client using
> addprinc command. How does the "password" is communicated to KDC from the
> client. I tried iptrace and found that there is no "plain text"  password
> which is being send. So, what encryption is being used and how is it
> decrypted on KDC ?

kadmin connections are encrypted using GSSRPC with the krb5 GSS

More information about the krbdev mailing list