Open SSH kerberos auth not working with 4.21.x keytabs as server principals are in caps/mixed case - keytab breaks RFS 4120, section 6.2.1, fix for 4.21.3 please?

Ralph Boehme slow at samba.org
Sat Dec 21 11:53:54 UTC 2024


Hi Matt,

thanks for bringing this up! Besides a behaviour change we'll also need 
tests to cover this.

@Pavel: iirc you've ween working on the keytab generation code recently. 
Would you be able to look into this?

Thanks!
-slow

On 12/21/24 8:03 AM, Matt Grant via samba-technical wrote:
> Hi!
> 
> 
> Any thoughts on including fix for Bug #15759 for 4.21.3 please? 'sync 
> machine password to keytab' sync_spns is producing non functional key 
> tabs - patch below to lower case default generated parts of service 
> principal names in Unix keytabs
> 
> 
> Its a major functionality breaker.
> 
> 
> Thank you!
> 
> 
> Matt Grant
> 
> 
> 
> 
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20241221/8ba9ea26/OpenPGP_signature.sig>


More information about the samba-technical mailing list