krb5-1.8 fails to verify MS PAC Checksum when AES 256 is used causing sshd to fail

Luke Howard lukeh at
Fri Jul 2 17:35:51 EDT 2010

On 02/07/2010, at 4:44 PM, Douglas E. Engert wrote:

> On 7/1/2010 4:35 PM, Luke Howard wrote:
>>> With msDS-SupportedEncryptionTypes = 16 (AES256) The first verify fails
>>> as expected, and the keytab is searched, and each key is tried. But
>>> the RC4 key (23) gets a KRB5KRB_AP_ERR_BAD_INTEGRITY as the compare
>>> of the computed and supplied checksums don't match.
>> Perhaps they're rc4-hmac with the AES key. (This really wouldn't surprise me. Ironically it might make the code path simpler.)
> I was thinking along the same lines last night. I tried your second patch, and that did not work,
> getting these messages:
>   GSS-API error accepting context: Unspecified GSS failure.  Minor code may provide more information
>   GSS-API error accepting context: Key size is incompatible with encryption type

OK, so we need both patches?

> The CKSUMTYPE_MD5_HMAC_ARCFOUR = -137 may also be misnamed, and the
> same patch might be needed with it as well. I don't know where it is
> used, but since HMAC can use any key <= 64 bytes, it may not need the
> & krb5int_enc_arcfour.

That might be OK; it was just used for NetLogon, not by Kerberos.

-- Luke
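Added illustration (not from the thread, not krb5 code): the RC4-HMAC checksum that Windows puts on the PAC (MS-PAC signature type 0xFFFFFF76, krb5's CKSUMTYPE_HMAC_MD5_ARCFOUR = -138) is the RFC 4757 section 4 HMAC-MD5 construction, and HMAC itself places no restriction on key length, which is why the same checksum can be keyed with a 32-byte AES-256 key exactly as with a 16-byte RC4 key. The example computes that checksum and then mimics the keytab search described above, trying each enctype's key until one verifies. The keytab, PAC bytes and key usage 17 (KERB_NON_KERB_CKSUM_SALT, which MS-PAC specifies for PAC signatures) are constructed or assumed here, not taken from the posts.

```python
"""RFC 4757 section 4 keyed checksum (HMAC-MD5, the "rc4-hmac" checksum)
computed with keys of different sizes, plus a keytab search that tries each
key in turn.  Added example, not krb5 code; all key and PAC bytes below are
constructed sample data."""
import hashlib
import hmac
import struct

# Key usage number MS-PAC assigns to PAC signatures (assumed here).
KERB_NON_KERB_CKSUM_SALT = 17
# MS-PAC signature type 0xFFFFFF76; krb5 calls it CKSUMTYPE_HMAC_MD5_ARCFOUR.
KERB_CHECKSUM_HMAC_MD5 = -138

# RFC 3961/3962/4757 enctype numbers used as keytab labels.
ENCTYPE_AES128_CTS_HMAC_SHA1_96 = 17
ENCTYPE_AES256_CTS_HMAC_SHA1_96 = 18
ENCTYPE_ARCFOUR_HMAC = 23


def rfc4757_checksum(key: bytes, usage: int, data: bytes) -> bytes:
    """HMAC-MD5 checksum as defined in RFC 4757 section 4:

        Ksign = HMAC-MD5(K, "signaturekey\\0")      (trailing NUL included)
        tmp   = MD5(T || data), T = usage as 4-byte little-endian
        cksum = HMAC-MD5(Ksign, tmp)

    Nothing here depends on K being a 16-byte RC4 key; HMAC pads or hashes
    whatever key length it is given, so a 32-byte AES-256 key works too.
    """
    ksign = hmac.new(key, b"signaturekey\x00", hashlib.md5).digest()
    tmp = hashlib.md5(struct.pack("<I", usage) + data).digest()
    return hmac.new(ksign, tmp, hashlib.md5).digest()


def verify_checksum(key: bytes, usage: int, data: bytes, supplied: bytes) -> bool:
    """Constant-time comparison; a False result is the situation krb5 reports
    as KRB5KRB_AP_ERR_BAD_INTEGRITY."""
    return hmac.compare_digest(rfc4757_checksum(key, usage, data), supplied)


def find_verifying_key(keytab: dict, usage: int, data: bytes, supplied: bytes):
    """Try every keytab entry, as the service does when the first verify fails.
    Returns the enctype whose key verifies the checksum, or None."""
    for enctype, key in keytab.items():
        if verify_checksum(key, usage, data, supplied):
            return enctype
    return None


# Constructed sample keytab: one key per enctype (not real key material).
SAMPLE_KEYTAB = {
    ENCTYPE_AES256_CTS_HMAC_SHA1_96: bytes(range(32)),
    ENCTYPE_AES128_CTS_HMAC_SHA1_96: bytes(range(16)),
    ENCTYPE_ARCFOUR_HMAC: bytes(range(16, 32)),
}
# Constructed stand-in for the PAC buffer with its signature fields zeroed.
SAMPLE_PAC = b"constructed PAC bytes with both signature fields zeroed"


def demo():
    """The case discussed in the thread: the server signature is keyed with
    the service's AES-256 key but uses the HMAC-MD5 checksum type.  Returns
    the enctype of the keytab key that verifies it (18 for AES-256)."""
    sig = rfc4757_checksum(
        SAMPLE_KEYTAB[ENCTYPE_AES256_CTS_HMAC_SHA1_96],
        KERB_NON_KERB_CKSUM_SALT, SAMPLE_PAC)
    return find_verifying_key(SAMPLE_KEYTAB, KERB_NON_KERB_CKSUM_SALT,
                              SAMPLE_PAC, sig)


if __name__ == "__main__":
    print("verifying enctype:", demo())
```

The point of the loop is the one Douglas describes: when the checksum type does not match the enctype of the first key tried, the service has to fall through to the other keytab entries, and a verifier that refuses to pair checksum type -138 with anything but an RC4 key never gets a match even though the HMAC computation itself is perfectly well defined for the AES key.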
