kerberos custom credential cache
J. Bruce Fields
bfields at fieldses.org
Tue Sep 26 11:58:46 EDT 2006
On Fri, Sep 22, 2006 at 12:04:36PM -0500, wrote:
> I got NFS4 with Kerberos working on a Debian server and client, but
> Ive run into a problem. Our Kerberos implementation uses a custom
> credential cache, which nfs (kernel? libgssapi?) dosnt seem to
> understand. If I force the credential cache to be a file, it works
> great. Im not a great programmer, but if someone could point me in
> the right direction, I am willing to attempt adding in the needed
> custom changes.
Currently all gssd gets is a uid, and it must somehow find the
credential cache from that uid--it knows nothing else about who
requested the gss context or why.
As long as you have a way to find the credential cache from the uid, the
rest should be a simple matter of programming....
> Also, our site uses aes256 keys for everything, so I would like to
> investigate what might be needed to support encryption types other
> than single des, specifically types 16-18. Has anyone looked into
> this?
Yes, I'm working on it right now, but it may take some time.
--b.
More information about the NFSv4
mailing list