Displaying 10 results from an estimated 10 matches for "addressless".
Did you mean:
addressess
2004 Sep 14
2
GSSAPI, Kerberos and multihomed hosts
(was: "Re: Pending OpenSSH release, call for testing", topic drift at
its finest :-)
Markus Moeller wrote:
> Douglas,
>
> OK three possible settings(hostname,connection IP,GSS_C_NO_NAME) are fine for me too.
Does GSS_C_NO_NAME relate to this bug (addressless tickets)?
http://bugzilla.mindrot.org/show_bug.cgi?id=488
BTW, I opened a bug the the multihomed thing a couple of days ago:
http://bugzilla.mindrot.org/show_bug.cgi?id=928
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good ju...
2015 Aug 19
2
Samba 4 DC - no AES kerberos tickets - only arcfour
...4DOM.TEST at S4DOM.TEST
Client: user09999 at S4DOM.TEST
Ticket etype: arcfour-hmac-md5, kvno 1
Session key: aes256-cts-hmac-sha1-96
Ticket length: 1074
Auth time: Aug 19 07:53:10 2015
End time: Aug 19 17:53:04 2015
Ticket flags: enc-pa-rep, pre-authent, initial, proxiable, forwardable
Addresses: addressless
Is there something like a "domain password/secret" that I need to reset too in order to get aes encryption for everything?
If so, how do I do that?
I also cross-checked this with our windows AD (same client) and I get an AES only ticket/key:
<...>
Ticket etype: aes256-cts-hmac-...
2018 Aug 17
3
samba-tool passwordless
Hi,
I'm adding a few DNS RR's using samba-tool. I've tried to use kerberos but
I don't know that to append after -k, I mean:
samba-tool dns add 192.168.50.40 ejemplo.com samba4 A 192.168.50.40 -k
"something"
No clue after something, I've tried with Kerberos, KERBEROS, EXAMPLE.COM
Is it that possible?
Thanks in advance
--
--
Sergio Belkin
LPIC-2 Certified -
2015 Aug 19
0
Samba 4 DC - no AES kerberos tickets - only arcfour
...r09999 at S4DOM.TEST
> Ticket etype: arcfour-hmac-md5, kvno 1
> Session key: aes256-cts-hmac-sha1-96
> Ticket length: 1074
> Auth time: Aug 19 07:53:10 2015
> End time: Aug 19 17:53:04 2015
> Ticket flags: enc-pa-rep, pre-authent, initial, proxiable, forwardable
> Addresses: addressless
>
> Is there something like a "domain password/secret" that I need to reset too in order to get aes encryption for everything?
>
> If so, how do I do that?
>
> I also cross-checked this with our windows AD (same client) and I get an AES only ticket/key:
>
> <.....
2018 Aug 21
0
samba-tool passwordless
...r: krbtgt/EXAMPLE.COM at EXAMPLE.COM
> Client: Administrator at EXAMPLE.COM
> Ticket etype: aes256-cts-hmac-sha1-96, kvno 1
> Ticket length: 1132
> Auth time: Aug 21 16:12:43 2018
> End time: Aug 22 02:12:43 2018
> Ticket flags: pre-authent, initial, forwardable
> Addresses: addressless
>
>
> If I omit "-k yes" it prompts for the password, and works but I'd
> like to do the same with kerberos.
>
> Am I doing something wrong?
>
> Thanks in advance
The syntax is 'samba-tool dns zonelist <server>' not 'samba-tool dns
zoneli...
2005 Jul 06
0
[Bug 488] Patch for kerberos in clusters
...|WONTFIX
------- Additional Comments From simon at sxw.org.uk 2005-07-07 01:08 -------
All of the options setting code was pulled from auth-krb5.c, because without it
the settings in /etc/krb5.conf are used. You should be able to achieve the same
results as this patch by setting 'addressless' in the [libdefaults] section of
your /etc/krb5.conf
If you still believe OpenSSH needs a specific option for this behaviour, please
reopen this bug.
Thanks,
Simon.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2003 Feb 06
0
[Bug 488] New: Patch for kerberos in clusters
...OS/Version: Linux
Status: NEW
Severity: normal
Priority: P2
Component: ssh
AssignedTo: openssh-unix-dev at mindrot.org
ReportedBy: smoogen at lanl.gov
Patch from one of LANL's clustering groups. This allows for openssh to deal with
addressless tickets which seem to come up in areas with 1024+ nodes or so.
------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.
2003 Feb 06
0
[Bug 488] Patch for kerberos in clusters
http://bugzilla.mindrot.org/show_bug.cgi?id=488
------- Additional Comments From smoogen at lanl.gov 2003-02-07 09:44 -------
Created an attachment (id=224)
--> (http://bugzilla.mindrot.org/attachment.cgi?id=224&action=view)
Patch for addressless kerberos tickets
2004 Feb 26
0
krb5-1.3.2 is released (fwd)
...=================================
* Support for AES in GSSAPI has been implemented. This corresponds to
the in-progress work in the IETF (CFX).
* Added a new ccache type "MSLSA:" for read-only access to the MS
Windows LSA cache.
* On Windows, krb5.exe now has a checkbox to request addressless
tickets.
* To avoid compatibility problems, unrecognized TGS options will now
be ignored.
* 128-bit AES has been added to the default enctypes.
* AES cryptosystem now chains IVs. This WILL break backwards
compatibility for the kcmd applications, if they are using AES
session keys.
- ----...
2015 Aug 18
2
Samba 4 DC - no AES kerberos tickets - only arcfour
Hi,
I’ve been running a samba 4 DC for quite some time now, and while testing some kerberos related stuff, I noticed that all kerberos tickets I can get from the DC are of encryption type ?arcfour-hmac-md5“:
# kinit testuser1
testuser1 at S4DOM.TEST's Password:
# klist -v
Credentials cache: FILE:/tmp/krb5cc_0
Ticket etype: arcfour-hmac-md5, kvno 1
I can create keytabs containing