Fwd: TGS-REP TICKET decrypting problem
somenath saha
saha.somenath.88 at gmail.com
Tue Jun 10 00:12:01 EDT 2014
Hi,
you told me that KDC is using secret key of the computer itself to encrypt
the ticket. How do we find this secret key in-order to decrypt the ticket?
please provide some details about that how to find out the machine secret
key. its urgent. I became stuck in this point for some week.
regards,
somenath
>
>
>
> On Tue, May 20, 2014 at 4:17 PM, somenath saha <saha.somenath.88 at gmail.com
> > wrote:
>
>>
>>
>> ---------- Forwarded message ----------
>> From: Wang Weijun <weijun.wang at oracle.com>
>> Date: Tue, May 20, 2014 at 3:25 PM
>> Subject: Re: TGS-REP TICKET decrypting problem
>> To: somenath saha <saha.somenath.88 at gmail.com>
>> Cc: "krbdev at mit.edu" <krbdev at mit.edu>
>>
>>
>> The KDC is using the secret key of the computer itself, which is not the
>> same as any of those user accounts. Assuming your KDC is a Windows Server,
>> you will see "Users and Computers" in the Active Directory Domain Services
>> manager, which means each user and computer is a different principal.
>>
>> --Max
>>
>>
>> On May 20, 2014, at 17:09, somenath saha <saha.somenath.88 at gmail.com>
>> wrote:
>>
>> > Hi,
>> >
>> > I need some information regarding the ticket creation in KDC.
>> >
>> > Assume my pc’s host name is “SOMENATH-PC” & it has 3 user accounts.
>> > They are:
>> >
>> >
>> >
>> > *USER NAME PASSWORD*
>> >
>> > i) Administrator administrator
>> >
>> > ii) Somenath somenath
>> >
>> > iii) Guest guest
>> >
>> >
>> >
>> > Now in TGS_REQ message I send “*cifs/SOMENATH-PC.xyz.com
>> > <http://somenath-pc.xyz.com/>” *as server name (Service & Host) in
>> > KDC_REQ_BODY. After receiving TGS_REQ message KDC prepare a ticket
>> which is
>> > encrypted by using server’s secret key i.e. SOMENATH-PC’s secret key.
>> >
>> >
>> >
>> > Now my question is that in order to encrypt the enc-part of the ticket
>> what
>> > credential’s is used by KDC as *“SOMENATH-PC”* has three user accounts
>> > which is mentioned above. Please provide me some information regarding
>> my
>> > question.
>> >
>> >
>> >
>> > Regards,
>> >
>> > Somenath
>> >
>> >
>> > On Thu, May 15, 2014 at 12:56 PM, somenath saha
>> > <saha.somenath.88 at gmail.com>wrote:
>> >
>> >> Hi,
>> >>
>> >> I need some information regarding the ticket creation in KDC.
>> >>
>> >> Assume my pc’s host name is “SOMENATH-PC” & it has 3 user
>> accounts.
>> >> They are:
>> >>
>> >>
>> >>
>> >> *USER NAME PASSWORD *
>> >>
>> >> i) Administrator administrator
>> >>
>> >> ii) Somenath somenath
>> >>
>> >> iii) Guest guest
>> >>
>> >>
>> >>
>> >> Now in TGS_REQ message I send “*cifs/SOMENATH-PC.xyz.com
>> >> <http://SOMENATH-PC.xyz.com>” *as server name (Service & Host) in
>> >> KDC_REQ_BODY. After receiving TGS_REQ message KDC prepare a ticket
>> which is
>> >> encrypted by using server’s secret key i.e. SOMENATH-PC’s secret key.
>> >>
>> >>
>> >>
>> >> Now my question is that in order to encrypt the enc-part of the ticket
>> >> what credential’s is used by KDC as *“SOMENATH-PC”* has three user
>> >> accounts which is mentioned above. Please provide me some information
>> >> regarding my question.
>> >>
>> >>
>> >>
>> >> Regards,
>> >>
>> >> Somenath
>> >>
>> > _______________________________________________
>> > krbdev mailing list krbdev at mit.edu
>> > https://mailman.mit.edu/mailman/listinfo/krbdev
>>
>>
>>
>>
>
More information about the krbdev
mailing list