[linux-cifs-client] Keytab support in cifs.spnego helper

Igor Mammedov niallain at gmail.com
Wed Apr 2 14:04:22 GMT 2008


0001-Fix-cifs-upcall-key-name-for-DNS-resolving.patch - corrects key name for cifs dns upcall

0002-Adds-support-for-using-krb5.keytab-for-non-interacti.patch - adds support for non interactive mount using keytab

Some notes:
It uses default keytab (as it defined in kerberos libs or in krb5.conf).
Mount options should look like this:
	user=my_krb5_username,password=fake,sec=krb5i

option: 'password' is just for mount.cifs to be happy and not ask for password.

Entry to keytab added with ktutil command:

'addent -password -p my_krb5_username -k 1 -e rc4-hmac'

PS:
 In my case only 'rc4-hmac' encryption worked (a krb5 libs' issue I think).
 You could check with 'kinit -k' if added entry works.

-- 

Best regards,

-------------------------
Igor Mammedov,
niallain "at" gmail.com




-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0001-Fix-cifs-upcall-key-name-for-DNS-resolving.patch
Type: text/x-patch
Size: 1465 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux-cifs-client/attachments/20080402/f71c3e3a/0001-Fix-cifs-upcall-key-name-for-DNS-resolving.bin
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 0002-Adds-support-for-using-krb5.keytab-for-non-interacti.patch
Type: text/x-patch
Size: 9310 bytes
Desc: not available
Url : http://lists.samba.org/archive/linux-cifs-client/attachments/20080402/f71c3e3a/0002-Adds-support-for-using-krb5.keytab-for-non-interacti.bin


More information about the linux-cifs-client mailing list