>>>>> "JH" == Jeffrey Hutzelman <[EMAIL PROTECTED]> writes:
JH> Well, the problem is that entries in NIS or in UNIX password files JH> don't contain the password; they contain a one-way hash of the JH> password. Without some fairly time-expensive cryptographic JH> attacks, you can't recover the actual password, which is needed to JH> add keys to the Kerberos database. If you use PAM, there is the pam_krb5_migrate module which is supposed to stuff the password into the Kerberos database when a user authenticates against whatever system you are currently using. Unfortunately I never figured out quite how to make it work, but then I'm far from an expert in either PAM or Kerberos. - J< ________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
