[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: semi-colon taboo?
As it turns out, the problem was in a Perl script I use to listen for
queued additions to the kerberos database. A semi-colon in perl is the
EOL character, as you know. So kadmin was not receiving a valid
user/password pair. I will either have to allow the semi-colon as a
character in this scaler, or rewrite the script in shell or python.
On Wed, 2004-09-15 at 13:51, Love wrote:
>
> Andrew Bacchi <bacchi@rpi.edu> writes:
>
> > One user had a semi-colon in his password, and was unable to use the
> > kdc. Removing the ";" from the password cured the problem, repeatable.
> > Is this a known problem? Are there any other taboo characters? Thanks.
>
> All characters that are in the ASN.1 GeneralString charset are ok. In
> reality anything that is ASCII does't work.
>
> What encryption types/salting was set in the principal ? What was the
> client, what kdc where you running ?
>
> I've tested with aes256-cts-hmac-sha1-96, arcfour-hmac-md5, des3-cbc-sha1,
> des-cbc-crc. Any clue how to reproduce this would be great.
>
> Love
>
--
Facade: Provide a unified interface to a set of interfaces in a
subsystem.
Andrew Bacchi
Staff Systems Programmer
Rensselaer Polytechnic Institute
phone: 518 276-6415 fax: 518 276-2809
http://www.rpi.edu/~bacchi/