I have been trying to get our Kaserver to authenticate a user principal
I have created with a MIT V4 key but having no luck so far.
We are running AFS 3.3 on a Solaris 2.3 platform.
My MIT K4 client is a Dec terminal server which will communicate just fine
with a Cygnus Kerb 4 database.
I did the following things in the Kaserver:
1) Created a user principal with 'kas'.
2) Then used the 'ksetkey' from anl (Doug Engert's code) script which calls
'kas setkey' but uses a
small program which sets the key using the standard Kerb V4 des string
to key function instead of AFS string to key.
3) Pointed my Dec terminal server to the AFS server running Kaserver.
4) Tried to authenticate using the user principal created above.
I get a failure when trying to authenticate.
'kas examine' reports that the key checksum is different when setting the
same password using the two different key functions. In other words, it
appears that my key on the user principal is indeed being set with
the other string to key function.
The terminal server does not timeout hence it definitely _is_ communicating
with the Kaserver KDC.
I would _really_ like to be able to use anl's modified kadmin daemon to
change passwords and keep a standard V4 key so that I can use standard K4
clients.
I am now short on time and really need to implement something soon.
Anyone have suggestions?
--
[EMAIL PROTECTED]
Systems Programmer
SYN Dept, UNC-Greensboro
phone: (910) 334-3338
http://www.uncg.edu/~jsthyer
