32477 – kinit fails when using keytab

Bug 32477 - kinit fails when using keytab

Summary: kinit fails when using keytab

Keywords:
Status:	CLOSED DEFERRED
Alias:	None
Product:	Red Hat Raw Hide
Classification:	Retired
Component:	krb5
Sub Component:
Version:	1.0
Hardware:	All
OS:	Linux
Priority:	low
Severity:	medium
Target Milestone:	---
Assignee:	Nalin Dahyabhai
QA Contact:	Brian Brock
Docs Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+	depends on / blocked

Reported:	2001-03-21 00:55 UTC by Elliot Lee
Modified:	2007-03-27 03:42 UTC (History)
CC List:	0 users
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2001-03-21 00:55:31 UTC
Embargoed:

Attachments	(Terms of Use)

Description Elliot Lee 2001-03-21 00:55:28 UTC

$ kadmin -r TEST.ME -p admin/admin
Authenticating as principal admin/admin with password.
Enter password:
kadmin:  ktadd -k sopwith.keytab sopwith
Entry for principal sopwith with kvno 3, encryption type DES cbc
mode with CRC-32 added to keytab WRFILE:sopwith.keytab Entry for principal
sopwith with kvno 3, encryption type Triple DES cbc mode raw added
to keytab WRFILE:sopwith.keytab
kadmin:  quit
$ kinit -k host/ath.test.me
kinit(v5): Bad encryption type while getting initial credentials

--------------------
While possibly caused by operator error, the instructions available seem to
indicate that this should work. Using kinit on this same principal with the
password instead of the keytab file works fine. This happens on both Alpha
and x86 archs - the alpha is using krb5-*-1.2.2-3, the x86 krb5-*-1.2.1-8.

Comment 1 Nalin Dahyabhai 2001-06-27 05:06:55 UTC

This is a partially-implemented feature.  Currently, kinit using a keytab
only works for DES, not 3DES.  To extract just a DES key, use the
"ktadd -e des <principal>" syntax in kadmin.  I expect this will be fixed in
a future release of Kerberos 5.

Note You need to log in before you can comment on or make changes to this bug.