Subject: Re: NetBSD 1.5 vs. Kerberos v4
To: None <firstname.lastname@example.org>
From: Love <email@example.com>
Date: 01/21/2001 09:38:02
Jason R Thorpe <firstname.lastname@example.org> writes:
> On Fri, Jan 19, 2001 at 01:36:16PM -0600, Tracy J. Di Marco White wrote:
> > I have _tried_, but the only way I've found to do K4 on 1.5 involves
> > installing the kth-krb4 package in pkgsrc then playing with paths.
> > I'm not sure what I'm missing, as I think it should work.
> Well, NetBSD 1.5 includes KTH-KRB4, and it is compiled in to e.g.
> telnet(1). But the problem is that kinit(1) queries a KRB5 server,
> and kinit -4 queries a 524 server.
When kinit get backs a 'wrong version' on the kerberos 5 request from the
kerberos 4 server, it sends a kerberos 4 request. See (current, but I don't
think this have changed) /usr/src/crypto/dist/heimdal/kuser/kinit.c:514
: lha@nutcracker ; /usr/bin/kinit lha@FOO.SE
: lha@nutcracker ; klist
klist: No ticket file: /tmp/krb5cc_00613a
v4-ticket file: /tmp/tkt_00613b
Issued Expires Principal
Jan 21 09:33:26 Jan 21 19:33:26 krbtgt.FOO.SE@FOO.SE
Jan 21 09:33:07 Jan 21 19:33:07 lha@FOO.SE