[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: krb4 -> heimdal migration

To: Mark Dawson <md@doc.ic.ac.uk>
Subject: Re: krb4 -> heimdal migration
From: joda@pdc.kth.se (Johan Danielsson)
Date: 23 Mar 1999 18:44:52 +0100
Cc: heimdal-discuss@sics.se
In-Reply-To: Mark Dawson's message of "Tue, 23 Mar 1999 17:08:57 +0000"
References: <36F7CAA9.BB087B9D@doc.ic.ac.uk>
Sender: owner-heimdal-discuss@sics.se

Mark Dawson <md@doc.ic.ac.uk> writes:

> I am trying to migrate principals from our Kerberos4 database to
> Heimdal (version 0.1c).

You are using 0.1c in all ends?

> When I attempt to kinit using a migrated principal I get 'kinit:
> Password incorrect' (details below).

My first guess is that it's some problem with (wrongly) encrypted
keys. How are you running hprop/hpropd? Are you running hprop in
network-mode, or are you dumping to standard out?

hprop -E -m m-key -4 -k FILE:keytab other-host

is what I use, with m-key being the (heimdal) master key file, and
keytab containing a `kadmin/hprop@NADA.KTH.SE' key.

> #0  verify_checksum (context=0x8094d70, crypto=0x0, usage=0,
> data=0x8096e78, 
>     len=256, C=0xbfffad24) at crypto.c:1236

You can look at `data' here and see if it looks good (a good
indication is the occurrence of 0x03, 0x02, 0x01 byte sequences :-).
The first part (8 + 16 bytes) is random data and zeros, so you can't
look at that.

If it does look ok, it's most likely some kind of checksum bug.

/Johan

Follow-Ups:
- Re: krb4 -> heimdal migration
  - From: Mark Dawson <md@doc.ic.ac.uk>

References:
- krb4 -> heimdal migration
  - From: Mark Dawson <md@doc.ic.ac.uk>

Prev by Date: krb4 -> heimdal migration
Next by Date: Re: krb4 -> heimdal migration
Prev by thread: krb4 -> heimdal migration
Next by thread: Re: krb4 -> heimdal migration
Index(es):
- Date
- Thread