LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Kerberos Authentication
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 06-15-2005, 03:11 PM   #1
cwinter00
LQ Newbie
 
Registered: Jun 2005
Posts: 1

Rep: Reputation: 0
Kerberos Authentication

I have setup the kerberos client on my SUSE Linu workstation. I have a Windows 2003 server domain and whenever I do the kinit, I get the error "kinit: Password incorrect" Any suggestions would be great.

Curt
 
Old 06-16-2005, 12:56 PM   #2
slacky
Member
 
Registered: Feb 2004
Location: USA
Distribution: Debian
Posts: 174

Rep: Reputation: 16
Here's part of my /etc/krb5.conf that works for me under Debian Sarge. Only what I highlighted in bold are my own changes - DOMAIN.COM is my Windows domain name and DC1 and DC2 are my Windows Domain Controllers.

[libdefaults]
default_realm = DOMAIN.COM
# The following krb5.conf variables are only for MIT Kerberos.
krb4_config = /etc/krb.conf
krb4_realms = /etc/krb.realms
kdc_timesync = 1
ccache_type = 4
forwardable = true
proxiable = true
# The following encryption type specification will be used by MIT Kerberos
# if uncommented. In general, the defaults in the MIT Kerberos code
# are correct and overriding these specifications only serves to disable
# new encryption types as they are added, creating interoperability problems.
# default_tgs_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
# default_tkt_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5
#permitted_enctypes = aes256-cts arcfour-hmac-md5 des3-hmac-sha1 des-cbc-crc des-cbc-md5

# The following libdefaults parameters are only for Heimdal Kerberos.
v4_instance_resolve = false
v4_name_convert = {
host = {
rcmd = host
ftp = ftp
}
plain = {
something = something-else
}
}

[realms]
DOMAIN.COM = {
kdc = DC1
kdc = DC2
admin_server = DC2
}
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Kerberos Authentication Comatose51 Linux - Security 2 08-30-2005 06:44 AM
PAM/Kerberos authentication problem hmartin216 Linux - Security 2 03-11-2005 09:28 PM
Samba Kerberos Authentication SNunweiler Linux - Networking 7 08-25-2004 10:27 AM
Authentication In A Http Request With Kerberos Ephraim Programming 0 08-03-2004 04:13 AM
Authentication via Kerberos grubjo Linux - Security 0 07-30-2004 11:48 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 03:47 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration