ktadd/addprinc -e "WHAT-GOES-HERE"???
Hello people,
I have been searching in vain for the correct collection of letters and dashes to enter within speech-marks after the -e switch of the ktadd/addprinc command. The codes for supported encryption keys I found at http://web.mit.edu/kerberos/www/krb5-1.4/krb5-1.4.3/doc/krb5-admin/Supported-Encryption-Types.html#Supported%20Encryption%20Types do not work. For example:
ktadd -e "des3-hmac-sha1" host/<BLAH>
ktadd: Invalid argument while parsing keysalts des-hmac-sha1
as well as:
ktadd -e "aes256-cts-hmac-sha1-96" host/<BLAH>
ktadd: Invalid argument while parsing keysalts aes25X-cts-hmac-sha1-96
kadmin fails to register the 3 and one of the 6s!
addprinc has the same problem, but with a slightly different output:
add_principal: Invalid argument while parsing keysalts aes25/-cts-hmac-sha1-96
Without speechmakrs the problem is the same, with single speech marks the single speech marks are icluded in the enc-key, although the number is then registered.
$TERM is vt220, $EDITOR is vi. OS is Solaris 8.
Playing around with it a little I notice I can escape the 3 and then kadmin sees it, but also the \. Also, it sees all 3s as long as they do not occur before a dash. It seems the sequence: "No. followed directly by a dash" seems to be a problem for kadmin. Has anyone else experienced this?
Can someone please confirm that the list posted at the address mentioned above is the official list, and also the correct form for the various key types to be entered when selecting a preferred key. If it is not, and I have misunderstood something, can someone PLEASE point me in the right direction.
Best regards
Toby
Mit freundlichen Grüßen
Toby Russell
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Vattenfall Europe Information Services GmbH
Datacentre Systemservice
Überseering 12
22297 Hamburg
Standort
Rohrdamm 7
13629 Berlin
fon +49 (0) 30 60005 - 4533
fax +49 (0) 30 60005 - 4549
E-Mail mailto:toby.russell@xxxxxxxxxxxxx <mailto:toby.russell@xxxxxxxxxxxxx>
Internet http://www.vattenfall.de/is
________________________________________________
Kerberos mailing list Kerberos@xxxxxxx
https://mailman.mit.edu/mailman/listinfo/kerberos
.
Relevant Pages
- Re: 0x8024D007, automatic update service starting, REGSVR32 wuauen
... Yes, when I try to register wuaueng.dll, I get the same error (Invalid ... access to memory location) as when I try to start the BITS service. ... When I try to register wuaueng.dll by using the command REGSVR32 ... That would hopefully expose the source of the failure. ...
(microsoft.public.windowsupdate) - Re: [RFT] x86 acpi: normalize segment descriptor register on resume
... On Monday, 14 of July 2008, H. Peter Anvin wrote: ... If s3_bios depends on the (invalid) contents of the hidden part of any segment ... register, it's just terminally broken. ...
(Linux-Kernel) - Re: ktadd/addprinc -e "WHAT-GOES-HERE"???
... >ktadd: Invalid argument while parsing keysalts des-hmac-sha1 ... You need to add a key SALT as well. ...
(comp.protocols.kerberos) - [PATCH 06/21] amd64_edac: add functionality to compute the DRAM hole
... * the fact that the register only stores bits 39-24 of the value. ... Info may be invalid for either of the following reasons: ... In this case, the DRAM ... * - The DramHoleValid bit is cleared in the DRAM Hole Address Register, ...
(Linux-Kernel) - [PATCH 08/21] amd64_edac: add functionality to compute the DRAM hole
... * the fact that the register only stores bits 39-24 of the value. ... Info may be invalid for either of the following reasons: ... In this case, the DRAM ... * - The DramHoleValid bit is cleared in the DRAM Hole Address Register, ...
(Linux-Kernel) |
|
