Keytab support in cifs.spnego helper
Igor Mammedov
niallain at gmail.com
Wed Apr 2 14:04:22 GMT 2008
0001-Fix-cifs-upcall-key-name-for-DNS-resolving.patch - corrects key name for cifs dns upcall
0002-Adds-support-for-using-krb5.keytab-for-non-interacti.patch - adds support for non interactive mount using keytab
Some notes:
It uses default keytab (as it defined in kerberos libs or in krb5.conf).
Mount options should look like this:
user=my_krb5_username,password=fake,sec=krb5i
option: 'password' is just for mount.cifs to be happy and not ask for password.
Entry to keytab added with ktutil command:
'addent -password -p my_krb5_username -k 1 -e rc4-hmac'
PS:
In my case only 'rc4-hmac' encryption worked (a krb5 libs' issue I think).
You could check with 'kinit -k' if added entry works.
--
Best regards,
-------------------------
Igor Mammedov,
niallain "at" gmail.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-cifs-upcall-key-name-for-DNS-resolving.patch
Type: text/x-patch
Size: 1465 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20080402/f71c3e3a/0001-Fix-cifs-upcall-key-name-for-DNS-resolving.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Adds-support-for-using-krb5.keytab-for-non-interacti.patch
Type: text/x-patch
Size: 9310 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20080402/f71c3e3a/0002-Adds-support-for-using-krb5.keytab-for-non-interacti.bin
More information about the samba-technical
mailing list