user-to-user counterpart of krb5_server_decrypt_ticket_keytab() ?

Rick van Rein rick at
Sat Jul 2 03:03:18 EDT 2016


> on the server I run into a missing u2u counterpart for
> krb5_server_decrypt_ticket_keytab(); I need something along the lines of
> krb5_server_decrypt_ticket_creds() that would use a TGT (krb5_creds)
> rather than a keytab to decrypt a ticket.

I think I found it: krb5_decrypt_tkt_part() takes a keyblock.
That ought to work!

Sorry for not finding it straight away; I was looking on the web interface,
which doesn't mention it, but I found it in libkrb5.exports, which is the
more convincing place to have it :)


More information about the krbdev mailing list