[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Realm problem

To: Holger van Lengerich <gimli@uni-paderborn.de>
Subject: Re: Realm problem
From: Istvan Farkas <istvan@sztaki.hu>
Date: Thu, 09 Dec 1999 10:57:40 +0100 (MET)
Cc: heimdal-discuss@sics.se
In-reply-to: <Pine.GSO.4.20.9912082103520.9332-100000@solaris-serv>
Sender: owner-heimdal-discuss@sics.se

On Wed, 8 Dec 1999, Holger van Lengerich wrote:

> No! You have to define "IIF.HU" in the [realms] section. (Or setup a SRV RR
> on the nameserver for IIF.HU)

Yes, Thank you !!

But the Connection not encrypted, why ?

The problem:

193.225.12.157>$ telnet vh75.iif.hu     /kerberos telnet/

Trying 193.225.12.23...
Connected to vh75.iif.hu.
Escape character is '^]'.

[ Trying mutual KERBEROS5 ... ]

*** Connection not encrypted! Communication may be eavesdropped. ***
[ Kerberos V5 accepts you as ``istvan@ASZI.SZTAKI.HU'' ]

User Access Verification

vh75.iif.hu>

Connection is ok, but the connection not encrypted :((

In the router config:

kerberos srvtab entry host/vh75.iif.hu@IIF.HU 1 944587420 1 1 8 ...

In the databese:

host/vh75.iif.hu@ASZI.SZTAKI.HU 1:0:1:....:- 19991207165606:kadmin/admin@ASZI.SZTAKI.HU 19991207165607:kadmin/admin@ASZI.SZTAKI.HU - - - - - 126

So, the vh75.iif.hu only use des-cbc-crc encryption. I remove all entries
for keys other than des-cbc-crc, and then reloading the database.

I was read in the heimdal.info, but not good :((.

Bye,
----------------------------------------------------------------------------
   Istvan FARKAS                                e-mail : istvan@sztaki.hu
   Computer and Automation Institute            phone  : (361) 349-7532
   H-1132. Budapest, Victor Hugo u 18-22        fax    : (361)329-7866

References:
- Re: Realm problem
  - From: Holger van Lengerich <gimli@uni-paderborn.de>

Prev by Date: ftp mget hangs
Next by Date: Heimdal & SRV-records
Prev by thread: Re: Realm problem
Next by thread: Realm
Index(es):
- Date
- Thread