[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mixing heimdal an MIT kerberos V

Im using Heimdal 0.5.1 as our kdc on Solaris and HPUX.
pam_krb5 from SOLARIS is working and we are using the OPEN SOURCE 
version of pam_krb5 to work with HP-UX.


I have kerberized NFS, SMB (Samba 3.0) ssh, ftp and telnet services 
working against Heimdal.

One comment, SOLARIS uses /etc/krb5/krb5.conf and /etc/krb5/krb5.keytab 
conf files, but Heimdal uses
/etc/krb5.conf and /etc/krb5.keytab files !!

Alberto Patino


Gunnar Gunnarsson wrote:

>I'm running a heimdal version 0.5.1 as a kdc. Can I support solaris 
>clients running Sun implementation of MIT kerberos ? According to 
>Sun it's compatible with MIT 1.2.5.
>Clients such as kinit works but listing keytab files with solaris version of 
>ktutil made by heimdal doesn't work. Neither does solaris pam_krb5 module 
>work with heimdal keytab files.
>
># /usr/bin/ktutil 
>ktutil:  rkt krb5.keytab
>ktutil:  list
>slot KVNO Principal
>---- ---- --------------------------------------------------------------------------
>   1    1             host/aries.netia.se@NETIA.SE
>   2    1             host/aries.netia.se@NETIA.SE
>   3    1             host/aries.netia.se@NETIA.SE
>   4    1             host/aries.netia.se@NETIA.SE
>
># /usr/heimdal/sbin/ktutil list
>FILE:/etc/krb5.keytab:
>
>Vno  Type           Principal                   
>  1  des-cbc-crc    host/aries.netia.se@NETIA.SE
>  1  des-cbc-md4    host/aries.netia.se@NETIA.SE
>  1  des-cbc-md5    host/aries.netia.se@NETIA.SE
>  1  des3-cbc-sha1  host/aries.netia.se@NETIA.SE
>
>krb4:/etc/srvtab:
>
>Vno  Type         Principal                   
>  1  des-cbc-md5  host/aries.netia.se@NETIA.SE
>  1  des-cbc-md4  host/aries.netia.se@NETIA.SE
>  1  des-cbc-crc  host/aries.netia.se@NETIA.SE
>