[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: cross realm authentication details

To: dick@uchicago.edu
Subject: Re: cross realm authentication details
From: "Brandon S. Allbery KF8NH" <allbery@ece.cmu.edu>
Date: Sun, 30 Apr 2006 18:20:51 -0400
Cc: heimdal-discuss@sics.se
In-Reply-To: <a0d5f9d6.b1453e69.81daa00@m4500-00.uchicago.edu>
References: <a0d5f9d6.b1453e69.81daa00@m4500-00.uchicago.edu>
Sender: owner-heimdal-discuss@sics.se


On Apr 30, 2006, at 5:31 , Jacob Yocom-Piatt wrote:

> i have tried doing this by adding 2 principals, krbtgt/REALM. 
> 1@REALM.2 and
> krbtgt/REALM.2@REALM.1, to my KDC via the kadmin interface using
>
> add --random-key krbtgt/REALM.1@REALM.2
> add --random-key krbtgt/REALM.2@REALM.1

I don't think that's going to work:  the principals need to have the  
same key, whereas --random-key will generate a distinct (hopefully)  
random key for each one.

-- 
brandon s. allbery     [linux,solaris,freebsd,perl]       
allbery@kf8nh.com
system administrator  [openafs,heimdal,too many hats]   
allbery@ece.cmu.edu
electrical and computer engineering, carnegie mellon university       
KF8NH

Follow-Ups:
- Re: cross realm authentication details
  - From: "Douglas E. Engert" <deengert@anl.gov>

References:
- cross realm authentication details
  - From: Jacob Yocom-Piatt <dick@uchicago.edu>

Prev by Date: cross realm authentication details
Next by Date: Re: cross realm authentication details
Prev by thread: cross realm authentication details
Next by thread: Re: cross realm authentication details
Index(es):
- Date
- Thread