search for: randkey

Author: willf Repository: /hg/zfs-crypto/gate Revision: efc14bf5fbfc26ff040aab6292cb3b1d7b6334aa Log message: 6403208 kadmin.local -q ''cpw -randkey <princ>'' not using all supported enctypes Files: update: usr/src/cmd/krb5/kadmin/cli/kadmin.c

...e decode part is llvm pass, could I do it like what I want? Thanks Qiuyu decode pass: using namespace llvm; #define endl "\n" namespace { struct DecodeStr : public FunctionPass{ virtual bool runOnFunction(Function &F); private: void DecodeString(Module *M); void get_randKey(Module *M); Constant *randKey; }; RegisterOpt<DecodeStr> X("DecodeStr", "Decode to visible string"); } bool DecodeStr::runOnFunction(Function &F){ get_randKey(F.getParent()); DecodeString(F.getParent()); return true; } void DecodeStr::get_randKey(Modu...

...add the principal to the domain? Will adding the missing principal using "samba-tool spn" solve problems like these? According to https://help.ubuntu.com/community/SingleSignOn , you add a host to the kerberos realm by doing these two commands on the kerberos server: kadmin: addprinc -randkey host/client.example.com @ EXAMPLE.COM kadmin: ktadd -k ~/client.keytab host/client.example.com @ EXAMPLE.COM I am guessing that "kadmin: ktadd -k ~/client.keytab host/client.example.com@ EXAMPLE.COM" is the equivalent of "samba-tool domain exportkeytab ~/client.keytab --principal=ho...

...to test this portion unless (defined? TESTING) || File.exists?(@keytab_filename) # TODO replace with Kr5Auth when it supports admin actions - puts "Writing keytab file: #{@keytab_filename}" unless defined?(TESTING) - kadmin_local('addprinc -randkey ' + libvirt_princ) - kadmin_local('ktadd -k ' + @keytab_filename + ' ' + libvirt_princ) - kadmin_local('addprinc -randkey ' + qpidd_princ) - kadmin_local('ktadd -k ' + @keytab_filename + ' ' + qpidd_princ) + krb5c...

...rbV.Context().default_realm + +# In the following tuple, [0] is fqdn, [2] is ip address +server_fqdn = socket.gethostbyaddr(socket.gethostname())[0] + +rsyslog_princ = 'rsyslog/' + server_fqdn + '@' + default_realm +outname = '/etc/krb5.keytab' + +kadmin_local('addprinc -randkey ' + rsyslog_princ) +kadmin_local('ktadd -k ' + outname + ' ' + rsyslog_princ) + +os.chmod(outname, 0644) diff --git a/src/host-browser/host-browser.rb b/src/host-browser/host-browser.rb index d77b321..576b0f6 100755 --- a/src/host-browser/host-browser.rb +++ b/src/host-browser/h...

...t;/usr/local/samba/lib64/python2.6/site-packages/samba/netcmd/domain.py", line 117, in run net.export_keytab(keytab=keytab, principal=principal) Removing the realm from the request fails in the same way. If I was using Kerberos without samba, I would just do: kadmin -q "addprinc -randkey GEMSTONE64/bunk.gemtalksystems.com" kadmin -q "xst -norandkey -k my.keytab GEMSTONE64/bunk.gemtalksystems.com" but I know kadmin is a no-no under samba. How can I get a keytab which contains the service principal? Norm Green

...c symbols. (that is, pull it from the current # user''s info.) def validate begin self.account = Account.find(self.account_id) rescue errors.add(:account_id) end end # need to create an activation key and store its hash def before_create #randkey = MiscUtils.random_string(20) # XXX: right now we''re not sending emails, so we won''t know what the un-hashed key was... randkey = "foo" self.activation_key_hash = MiscUtils.hexdigest(randkey) end # simple wrapper to do the digest''ing of t...

Hi, i would like to use on Centos 5 Microsoft kerberos tickets for authentication for some applications. LDAP FDS for example. For that I have to add some spn to Active Directory. And afterwards to export this to local keytab. --------- kadmin -q "add_principal -randkey ldap/${INSTANCE}.${fully-qualified-domain}" Then, export that key to a keytab file. If you've deployed other services which also authenticate users using Kerberos on the same system, it's recommended that you give each one its own keytab file. kadmin -q "ktadd -k /etc/dirsrv...

Hi list, Is it possible to set up an NFSv4/Kerberos environment on CentOS 5.1? I set up Kerberos and NFS but get several erros "Warning: rpc.gssd appears not to be running. mount.nfs4: Permission denied" Is this an CentOS oder an config problem? Greetings Sebastian -------------- next part -------------- A non-text attachment was scrubbed... Name: signature.asc Type:

...ks on all machines represent the same time (synced using a local NTP server) 3) Created a service principle for nfs.example.net by performing the following commands on the nfs.example.net machine: - (Performed on NFS server) a. kadmin (Logged in as an admin principle) b. addprinc -randkey nfs/nfs.example.net c. ktadd -e des-cbc-crc:normal nfs/nfs.example.net d. quit e. kinit nfs/nfs.example.net -k -t /etc/krb5.keytab f. klist to verify 4) Edited /etc/idmapd.conf with the following changes: - (Performed on NFS server) a. changed Nobody-{User,Grou...

...installed 'nfs-kernel-server' on server, 'nfs-common' on client. Ok, this is easy. b) AFAI've understood i need to create a 'principal', type 'NFS', for server and client, and store the key in ''local keytab''. Debian wiki suggest: addpriv -randkey NFS/vdmpp1.ad.fvg.lnf.it at AD.FVG.LNF.IT ktadd NFS/vdmpp1.ad.fvg.lnf.it at AD.FVG.LNF.IT but in 'samba' lingo the same operation can be obtained with (run in the client and server, with appropiate data): net -U gaio ads keytab add NFS/vdmpp1.ad.fvg.lnf.it at AD.FVG.LNF.IT -k done that...

Hi Is there any way to re-export an nfs mounted directory? I am having three servers runnning on centos4.5 and i am trying to implement nfs share in an below manner [bcoz there is no alternative way for me to setup nfs share] HOST A--->>>EXPORTS /prod/data ------->>>HOST B HOST B ---->>MOUNTED ------>>> /prod/data-----UNDER---/PROD1 [working fine] HOST B

...-common' on client. > Ok, this is easy. > Yes, that is easy... > > b) AFAI've understood i need to create a 'principal', type 'NFS', for > server and client, and store the key in ''local keytab''. Debian wiki > suggest: > addpriv -randkey NFS/vdmpp1.ad.fvg.lnf.it at AD.FVG.LNF.IT > ktadd NFS/vdmpp1.ad.fvg.lnf.it at AD.FVG.LNF.IT > > but in 'samba' lingo the same operation can be obtained with (run in > the client and server, with appropiate data): > > net -U gaio ads keytab add > NFS/vdmpp1.ad.fvg.l...