[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
=?gb2312?q?=BB=D8=B8=B4=A3=BA=20Re:=20=BB=D8=B8=B4=A3=BA=20Re:=20=BB=D8?==?gb2312?q?=B8=B4=A3=BA=20Re:=20kerberos=20setup,=20basic=20questions?=
Thanks for Brandon, Harald and Joakim's advice.
I tried and got krb5.keytab successfully.
But it is so strange that when i run heimdal's telnet
on kerberosC to connect heimdal's telnetd on
kerberosKDC, it seems that the connection was not
kerberosized, as following:
[root@kerberosC bin]# ./telnet 192.168.0.30
Trying 192.168.0.30...
Connected to 192.168.0.30.
Escape character is '^]'.
Waiting for encryption to be negotiated...
*** Connection not encrypted! Communication may be
eavesdropped. ***
Encryption negotiated.
Password:
My question is:
1. Are there some parameters of the command "./telnet"
for kerberos connection? As mentioned above, it may be
a non-kerberos connection.
2. When i run kinit on kerberosC, the clinet got
TGT.(The captured packages are AS-REQ and AS-REP). And
When to get TGS? Does "TGS-REQ to TGS-REQ exchange"
happen when I run heimal's telnet on kerberosC?
Thanks
Wang Yue
--- "Brandon S. Allbery KF8NH"
<allbery@ece.cmu.edu>дµÀ:
>
> On 2008 Jul 2, at 7:39, Íõ«h wrote:
>
> > 5. create a principal and makes krb5.keytab on
> > kerberosKDC
> > kadmin> add -r host/kerberosKDC.WEDGIE.ORG
> > kadmin: connect(192.168.0.30): Connection refused
>
> Did you start kadmind on kerberosKDC?
>
> > snuffy:501 Z$ bos status e-xing -long
> (...)
> > Instance kdc, (type is simple) currently running
> normally.
> > Process last started at Wed Jul 2 01:17:33
> 2008 (4 proc starts)
> > Last exit at Wed Jul 2 01:17:33 2008
> > Command 1 is '/usr/local/libexec/kdc'
> >
> > Instance kadmind, (type is simple) currently
> running normally.
> > Process last started at Sun Jun 29 03:30:19
> 2008 (1 proc starts)
> > Command 1 is '/usr/local/libexec/kadmind'
> >
> > Instance iprop-m, (type is simple) has core file,
> currently running
> > normally.
> > Process last started at Sun Jun 29 03:30:19
> 2008 (1 proc starts)
> > Command 1 is
> '/usr/local/libexec/ipropd-master'
> >
> > Instance kpasswd, (type is simple) currently
> running normally.
> > Process last started at Sun Jun 29 03:30:19
> 2008 (1 proc starts)
> > Command 1 is '/usr/local/libexec/kpasswdd'
> >
> > Instance kdcbackup, (type is cron) currently
> running normally.
> > Auxiliary status is: run next at Wed Jul 2
> 18:06:00 2008.
> > Process last started at Tue Jul 1 18:06:44
> 2008 (3 proc starts)
> > Last exit at Tue Jul 1 18:06:52 2008
> > Command 1 is '/var/heimdal/kdcbackup.sh'
> > Command 2 is '18:06'
> >
> > Instance kpasswd464, (type is simple) currently
> running normally.
> > Process last started at Sun Jun 29 03:30:19
> 2008 (1 proc starts)
> > Command 1 is '/usr/local/libexec/kpasswdd
> --port=464'
>
>
>
> --
> brandon s. allbery
> [solaris,freebsd,perl,pugs,haskell]
> allbery@kf8nh.com
> system administrator [openafs,heimdal,too many hats]
> allbery@ece.cmu.edu
> electrical and computer engineering, carnegie mellon
> university KF8NH
>
>
>
___________________________________________________________
ÑÅ»¢ÓÊÏ䣬ÄúµÄÖÕÉúÓÊÏ䣡
http://cn.mail.yahoo.com/