It’s sort of implemented. On my Mac, if I use
--fast-armor-cache=FILE:/tmp/krb5cc_1003 it sends udp packets to the server.
The server doesn’t return anything and makes no entry in krb5kdc.log. So the
client waits and eventually times out.
If I force tcp by using tcp/hostname in krb5.conf, a no
On 11/02/2017 05:06 AM, Oleksandr Yermolenko wrote:
> I have a strange (for me?) situation using MIT KDC together with
> Heimdal client. PKINIT/FAST scenario.
I don't believe Heimdal implements FAST OTP.
> kinit --cache=FILE:/tmp/krb5cc_1000 a...@idm.crp
> a...@idm.crp's Password: passwordOTP
> k
Hi,
I have a strange (for me?) situation using MIT KDC together with
Heimdal client. PKINIT/FAST scenario.
STEP 1:
client side:
kinit --anonymous
klist -v
Credentials cache: FILE:/tmp/krb5cc_1000
Principal: WELLKNOWN/ANONYMOUS@WELLKNOWN:ANONYMOUS
Cache version: 4
Server: krbtgt/idm