0
我將kerberos集成到我們的項目中,首先我部署了一個KDC服務器,然後我想測試它是否工作,因此我使用kerberos telnet來測試,但我收到以下錯誤信息:呼叫幫助在linux中安裝加密庫以編程kerberos
Escape character is '^]'.
>>>TELNET: I support auth type 2 6
>>>TELNET: I support auth type 2 2
>>>TELNET: I support auth type 2 0
>>>TELNET: I support auth type 1 2
>>>TELNET: I support auth type 1 0
>>>TELNET: I will support DES_CFB64
>>>TELNET: I will support DES_OFB64
Waiting for encryption to be negotiated...
>>>TELNET: auth_send got: 02 06 02 02 02 00
>>>TELNET: He supports 2
>>>TELNET: Trying 2 6
telnet: calling krb5_sname_to_principal
telnet: done calling krb5_sname_to_principal
telnet: Kerberos V5: failure on credentials(KDC has no support for encryption type)
>>>TELNET: He supports 2
>>>TELNET: Trying 2 2
telnet: calling krb5_sname_to_principal
telnet: done calling krb5_sname_to_principal
telnet: Kerberos V5: failure on credentials(KDC has no support for encryption type)
>>>TELNET: He supports 2
>>>TELNET: Trying 2 0
telnet: calling krb5_sname_to_principal
telnet: done calling krb5_sname_to_principal
telnet: Kerberos V5: failure on credentials(KDC has no support for encryption type)
>>>TELNET: Sent failure message
>>>TELNET: Request input to be encrypted
>>>TELNET: He is supporting DES_CFB64 (1)
>>>TELNET: He is supporting DES_OFB64 (2)
>>>TELNET: (*ep->start)() returned 7
Negotiation of authentication, which is required for encryption,
has failed. Good-bye.
看來,我的KDC不支持某些encryt算法,所以我想問的是有沒有萬能的地穴庫,我可以在Linux和UNIX安裝?如果有一個,請告訴我,我想安裝它並讓我的KDC工作,謝謝。
設置甚至telnet來辦的Kerberos身份驗證ISN」 t直線前進,你確定在服務器端正確配置了所有東西,並且正確的服務主體被創建並提取到你的keytabs? – nos
是的,我使用主機A作爲telnet客戶端,主機B作爲telnet服務器,主機C和主機D作爲KDC服務器,問題是當我使用主機D作爲KDC時,一切正常,A可以通過telnet到B門票和klist顯示正確的憑據,但是當我將KDC切換到主機C時,我得到了上述問題,所以我想知道是否缺少一些cryto庫.... – wangshuaijie