Subject: Re: Kerberos IV
To: Peter Seebach <>
From: Love <>
List: current-users
Date: 11/05/2000 08:16:20 (Peter Seebach) writes:

> Quick summary:  I am stuck, for the forseeable future, using a Kerberos IV
> server.
> Can NetBSD-current be made, in *any* way, to use a KerberosIV server?  If
> not, why, oh why, did we switch to Kerberos V if it would break
> interoperability?

It doesn't. You can get the best of two worlds (and the still have the bad
onces of krb4). We use a heimdal(0.3c) kdc with both krb4 and krb5 client
w/o any problems. Two programs left that require krb4 support (afs and
zephyr) for now...

(/usr/share/info/ 4 issues.

If compiled with version 4 support, the KDC can serve requests from a
Kerberos 4 client. There are a few things you must do for this to work.


Like adding `[kadmin]use_v4_salt = yes' or `[kadmin]default_keys =
des3:pw-salt des:pw-salt des:pw-salt:' (current) to your krb5.conf.

Adding `[libdefaults]krb4_get_tickets = yes' might also improve your
quailty of life as a krb4 client.