Re: How to use gssapi between a java client and a C server?

2006-09-27 Thread lizhong
The message sent by the java code is like this: | token.length(4Bytes) | token(token.length bytes) |

Re: Remembering Master Password

2006-09-27 Thread Henry B. Hotz
On Sep 23, 2006, at 9:05 AM, [EMAIL PROTECTED] wrote: Date: Sat, 23 Sep 2006 08:42:51 CDT From: John Hascall [EMAIL PROTECTED] Subject: Re: Remembering Master Password To: Jason C. Wells [EMAIL PROTECTED] Cc: kerberos@mit.edu Message-ID: [EMAIL PROTECTED] In big bold letters we are

MySQL and Kerberos

2006-09-27 Thread Henry B. Hotz
Anyone know how to use Kerberos with MySQL? I thought I once saw a kludge where you could use Kerberos with some kind of tunneling mechanism and make the server pick up the username from the tunnel. I can't seem to find any reference to that with Google now, though. Anyone actually

Re: Remembering Master Password

2006-09-27 Thread Jeffrey Hutzelman
On Wednesday, September 27, 2006 08:52:52 AM -0700 Henry B. Hotz [EMAIL PROTECTED] wrote: Heimdal uses a standard keytab file for the master password. In Heimdal kadmin you can do: add -r M/K del_enc M/K all encryption types except the one you want ext_key -k master key stash location

Re: MySQL and Kerberos

2006-09-27 Thread Evan Vittitow
The best idea I could come up with was to Kerberize PHPMyAdmin. At one time I wanted to add Kerberos support to eGroupware, PHPGroupware, PHPldapadmin, and PHPMyAdmin Kerberos mailing list Kerberos@mit.edu

Re: Remembering Master Password

2006-09-27 Thread Henry B. Hotz
On Sep 27, 2006, at 11:10 AM, Jeffrey Hutzelman wrote: On Wednesday, September 27, 2006 08:52:52 AM -0700 Henry B. Hotz [EMAIL PROTECTED] wrote: Heimdal uses a standard keytab file for the master password. In Heimdal kadmin you can do: add -r M/K del_enc M/K all encryption types

encryption types in krb5.conf

2006-09-27 Thread chandrakala
Hi, I 'm trying to enable use of des3-hmac-sha1 as one of the supported enctypes on a Linux machine. kdc.conf on my Linux machine is as below: master_key_type= des-cbc-crc supported_enctypes = des3-cbc-sha1:normal des-cbc-md5:normal des-cbc-crc:normal Created the database and restarted

Re: Remembering Master Password

2006-09-27 Thread Jeffrey Hutzelman
On Wednesday, September 27, 2006 01:26:22 PM -0700 Henry B. Hotz [EMAIL PROTECTED] wrote: On Sep 27, 2006, at 11:10 AM, Jeffrey Hutzelman wrote: On Wednesday, September 27, 2006 08:52:52 AM -0700 Henry B. Hotz [EMAIL PROTECTED] wrote: Heimdal uses a standard keytab file for the master

Re: MySQL and Kerberos

2006-09-27 Thread Henry B. Hotz
Does the MySQL server have any provision for external identification of users at all? Beyond this point maybe the question belongs on a MySQL list. Thanks for answering though. On Sep 27, 2006, at 11:13 AM, Evan Vittitow wrote: The best idea I could come up with was to Kerberize

Re: Remembering Master Password

2006-09-27 Thread Henry B. Hotz
On Sep 27, 2006, at 1:38 PM, Jeffrey Hutzelman wrote: On Wednesday, September 27, 2006 01:26:22 PM -0700 Henry B. Hotz [EMAIL PROTECTED] wrote: On Sep 27, 2006, at 11:10 AM, Jeffrey Hutzelman wrote: On Wednesday, September 27, 2006 08:52:52 AM -0700 Henry B. Hotz [EMAIL PROTECTED]

Re: Remembering Master Password

2006-09-27 Thread Jeffrey Hutzelman
On Wednesday, September 27, 2006 01:54:30 PM -0700 Henry B. Hotz [EMAIL PROTECTED] wrote: I'm assuming from your omission that add will look at the existing kvno's and create the next one? Well, the man page claims it will prompt for anything you don't specify; I'm not sure I believe that

Re: Remembering Master Password

2006-09-27 Thread Henry B. Hotz
On Sep 27, 2006, at 2:00 PM, Jeffrey Hutzelman wrote: On Wednesday, September 27, 2006 01:54:30 PM -0700 Henry B. Hotz [EMAIL PROTECTED] wrote: I'm assuming from your omission that add will look at the existing kvno's and create the next one? Well, the man page claims it will prompt for

API help with ticket expiry

2006-09-27 Thread Keagle, Chuck
I'm working on making a batch queuing manager get a ticket for a user job that will execute without user interface in such a way the user doesn't have to put Kerberos username and password in clear text in the job stream. When user submits job, it may or may not run until after the current ticket

Re: API help with ticket expiry

2006-09-27 Thread Ken Hornstein
I have been able to create the ticket using encrypted username/password and am now working on making sure the ticket doesn't expire before the job ends. Granted, this isn't the safest mechanism, but users don't want jobs to abort if ticket expires when they are not around. krb5_timeofday() will

How to use gssapi in java applet?

2006-09-27 Thread lizhong
Hi all, I'm trying to build a applet client to connect to the gss-server.c program(in kerberos/src/app/gss-sample). I read this page: http://java.sun.com/j2se/1.5.0/docs/guide/security/jgss/tutorials/BasicClientServer.html And I have already built a java application client to connect to

Re: encryption types in krb5.conf

2006-09-27 Thread preetam R
Hi, This nice presentation on kerberos encryption types from Will Fiveash should clear your doubts. http://www.filibeto.org/~aduritz/truetrue/solaris10/krb_enctypes_so8.pdf Preetam --- chandrakala [EMAIL PROTECTED] wrote: Hi, I 'm trying to enable use of des3-hmac-sha1 as one of