Diego Pignedoli wrote: > The identity is the default identity. > I think it's not so easy as I think and I am missing some particular > setting. > Do I have to create a principal also for the service ftp or only for > the identity who is logging? > > That is what I did: > i) I activated ftp server service and set the firewall to permit > inbound traffic on ftp ports > ii) i installed the NIM and activated the kerberos support service > from windows services > iii) i did all the settings i have been asked from NIM > > But when I test the filezilla with gss i get that msg. > I am really confused! > > Diego There has to be a service principal for the FTP service. Otherwise, there is nothing for the client to authenticate to.
Typically, if the "ftp" service is on the machine "foo.bar.com" in realm BAR.COM then the FTP service principal will be "ftp/[EMAIL PROTECTED]". This principal must exist in the BAR.COM database and the key for the principal must be installed in the keytab configured for use by the FTP service. Jeffrey Altman Secure Endpoints Inc.
smime.p7s
Description: S/MIME Cryptographic Signature
________________________________________________ Kerberos mailing list [email protected] https://mailman.mit.edu/mailman/listinfo/kerberos
