Rocksolid Light

Welcome to RetroBBS

mail  files  register  newsreader  groups  login

Message-ID:  

The Macintosh is Xerox technology at its best.

devel / comp.protocols.kerberos / Re: Kerberos Server Implementation

SubjectAuthor
o Re: Kerberos Server ImplementationRoland C. Dowdeswell

1
Re: Kerberos Server Implementation

<mailman.7.1641939429.8148.kerberos@mit.edu>

  copy mid

https://www.rocksolidbbs.com/devel/article-flat.php?id=195&group=comp.protocols.kerberos#195

  copy link   Newsgroups: comp.protocols.kerberos
Path: i2pn2.org!i2pn.org!weretis.net!feeder6.news.weretis.net!tncsrv06.tnetconsulting.net!.POSTED.mailman.mit.edu!not-for-mail
From: elric@imrryr.org (Roland C. Dowdeswell)
Newsgroups: comp.protocols.kerberos
Subject: Re: Kerberos Server Implementation
Date: Tue, 11 Jan 2022 22:16:42 +0000
Organization: TNet Consulting
Lines: 16
Message-ID: <mailman.7.1641939429.8148.kerberos@mit.edu>
References: <A5A013CF-A713-4512-971C-70FF5A2FDEF6@amazon.com>
<Yd4BytUZyGbAgl4o@disp2133>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Injection-Info: tncsrv06.tnetconsulting.net; posting-host="mailman.mit.edu:18.7.21.50";
logging-data="23349"; mail-complaints-to="newsmaster@tnetconsulting.net"
Cc: "kerberos@mit.edu" <kerberos@mit.edu>
To: "Gupta, Divyansh" <guptadiv@amazon.com>
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none;
b=Vjp9GGpkUOBVGTBnsRZGX3pOiWwYwSw5+WVwIGjWbUFZpl6/e8ddwHSSj5TM8qtXwcUbpZ5v+bKAHCjRLCVD/sVeAXMeEtHqwHFy8Qdj2ccpy/YOM5kMWj+HqKZXGSuGLTsYNldujnm7+lE5OMsoE6IhwBc7ux0XJx1PKYzU4WOh2mR3aYawTJyV9FQH6E+Nep6O5x36uVOkQMmP+eSbfmAskssYE/YrAarr+ao76OkZzg+kCHAN7NH4ezDDbO9A4peXIz5rnYT3fcSn9PkxoMBeIcelhbEt34ogbwcKwCIEygACjf3PT0lYboM5Higp5XL36hb2OcL+XGgKgpwinw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com;
s=arcselector9901;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1;
bh=1SJTxKUtSZ3pQ9t6OwuE/wGXBvgqkW0icVdHJJuifts=;
b=F6GQfPRzVQbfcebauXGuQjG3hYzWeFcKOBFSyjA57mBl2YVp7pH0RawrJ4SC4ozLFgcuXWfibUjLuU3Shc6WydRay3L0bY1wycQC8jqg9Jps4K+HOnoZwBEXOrBh6T0jypVziWLtvXMG1t6APtIh773HRed39GiRXAeQhCGCu8JWVxKiGOsYzvOcPcM5B2bwoYN3HkHPitd4MOQXzPOL1pWgSZ59C3Nw4YgdrWGl0KlCr7iUq41AUKXmrqUG11c7j2j22RIlM9h4fsNmULD3RU5RMX97su+0qlsglcQRdcdmEcl89gHm/OTZlL2eBYBnGx7pG24HHPiKVkO1EZH3UQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=none; dmarc=none;
dkim=none; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=mitprod.onmicrosoft.com; s=selector2-mitprod-onmicrosoft-com;
h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck;
bh=1SJTxKUtSZ3pQ9t6OwuE/wGXBvgqkW0icVdHJJuifts=;
b=XZFH93up58qOnyA027um26RFh3it9O7+f/Fy1aDEjSMdRE2/VUJavof1Tr8a4MtIIGSV4pKMfyzrfKJOK04/wNTuP3xH2+81U9MSw7luzouLybe+aRtlOgchsYHtsAyeLFivBOgBh96k0FiyS3TCQSwO530H15g7tpfxUX+Kq50=
Authentication-Results: spf=pass (sender IP is 100.2.39.101)
smtp.mailfrom=imrryr.org; dkim=none (message not signed)
header.d=none;dmarc=pass action=none header.from=imrryr.org;
Received-SPF: Pass (protection.outlook.com: domain of imrryr.org designates
100.2.39.101 as permitted sender) receiver=protection.outlook.com;
client-ip=100.2.39.101; helo=straasha.imrryr.org;
Content-Disposition: inline
In-Reply-To: <A5A013CF-A713-4512-971C-70FF5A2FDEF6@amazon.com>
X-EOPAttributedMessage: 0
X-EOPTenantAttributedMessage: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b:0
X-MS-PublicTrafficType: Email
X-MS-Office365-Filtering-Correlation-Id: 3a60b0f0-91fe-42bd-d4fd-08d9d5500ea0
X-MS-TrafficTypeDiagnostic: CY4PR0101MB2904:EE_
X-LD-Processed: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b,ExtAddr
X-MS-Exchange-AtpMessageProperties: SA
X-Microsoft-Antispam-PRVS: <CY4PR0101MB2904A6B4A16F95CC4F173A3BD0519@CY4PR0101MB2904.prod.exchangelabs.com>
X-MS-Oob-TLC-OOBClassifiers: OLM:9508;
X-MS-Exchange-SenderADCheck: 0
X-MS-Exchange-AntiSpam-Relay: 0
X-Microsoft-Antispam: BCL:0;
X-Microsoft-Antispam-Message-Info: cqEOVFll34JoxdUU93boo9as9+kiKU0YcB4LoEEwVotdA1rXiNi/GoYX+oebk4bQ+PJ7o1gO0AaysS2wk2y8ZpvFY4vyBYLf0F+EEnIWqmLnSNTQAk/oWPddWX1grD38psu3kMpcauY8QEF62RzPpPj7K8ps9lQMeIf/cxt70WKBfVqZSqm981Xg50qvP4sLnNBo3ZKwktWMMUjdqQWyFN7qZnxNnQS97nqX7xn8yf8yxP4c6pXy7x44doINyyxCOiSnhZX4Eah8V+apw8vJukrwPca4obb2fjkbFQULEbbq/dsnCKzCmiLAnFWUSljZpqRpukuxAHVITXc8U5khdZPQ8oo7Mh0+FvSn6LtOL3SZJHzjj/Uqob43gPX2PjFxDpea5OiRp7KgKwCAiQS1klph4gQl8oKMtKF1vBYTdLK6wglosP2n8F2sbxwX217ZKeUBnSrDeztMPhuMkBVfe24n6b/BfrsSphtP2saAvzQaIQd492wvGGkmj8KgXtFQxVCpBPq9dfwmzbfKBlB5XdUzZrhZQTRYxS/VjXjUjsNN5wppHxtCXlqPRJM1K76K99IyuJZYQQKIMNQJ3B8Ik78i2/JhKhntudailGx7Cw/WilOv5IpRgpMLGfhmL6xyfvgkm7by13JYrt5uTHn+5JXG69Wgq+JfX/De89rKiu3hBERG83pIQfp+3SUlRb4E
X-Forefront-Antispam-Report: CIP:100.2.39.101; CTRY:US; LANG:en; SCL:1; SRV:;
IPV:NLI; SFV:NSPM; H:straasha.imrryr.org; PTR:InfoDomainNonexistent; CAT:NONE;
SFS:(4636009)(26005)(81166007)(336012)(6862004)(4744005)(356005)(6266002)(426003)(4326008)(8676002)(83380400001)(5660300002)(3480700007)(70586007)(68406010)(7116003)(786003)(9686003)(316002)(966005)(2906002)(508600001)(33716001)(86362001)(42186006);
DIR:OUT; SFP:1102;
X-Auto-Response-Suppress: DR, OOF, AutoReply
X-MS-Exchange-CrossTenant-OriginalArrivalTime: 11 Jan 2022 22:16:46.7282 (UTC)
X-MS-Exchange-CrossTenant-Network-Message-Id: 3a60b0f0-91fe-42bd-d4fd-08d9d5500ea0
X-MS-Exchange-CrossTenant-Id: 64afd9ba-0ecf-4acf-bc36-935f6235ba8b
X-MS-Exchange-CrossTenant-AuthSource: CO1NAM11FT049.eop-nam11.prod.protection.outlook.com
X-MS-Exchange-CrossTenant-AuthAs: Anonymous
X-MS-Exchange-CrossTenant-FromEntityHeader: Internet
X-MS-Exchange-Transport-CrossTenantHeadersStamped: CY4PR0101MB2904
X-OriginatorOrg: mitprod.onmicrosoft.com
X-BeenThere: kerberos@mit.edu
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: The Kerberos Authentication System Mailing List <kerberos.mit.edu>
List-Unsubscribe: <https://mailman.mit.edu/mailman/options/kerberos>,
<mailto:kerberos-request@mit.edu?subject=unsubscribe>
List-Archive: <http://mailman.mit.edu/pipermail/kerberos/>
List-Post: <mailto:kerberos@mit.edu>
List-Help: <mailto:kerberos-request@mit.edu?subject=help>
List-Subscribe: <https://mailman.mit.edu/mailman/listinfo/kerberos>,
<mailto:kerberos-request@mit.edu?subject=subscribe>
X-Mailman-Original-Message-ID: <Yd4BytUZyGbAgl4o@disp2133>
X-Mailman-Original-References: <A5A013CF-A713-4512-971C-70FF5A2FDEF6@amazon.com>
 by: Roland C. Dowdeswell - Tue, 11 Jan 2022 22:16 UTC

On Tue, Jan 11, 2022 at 08:08:49PM +0000, Gupta, Divyansh via Kerberos wrote:
>

> I am attempting to create an application server with Kerberos
> server-side authentication. I am finding plenty of examples on how to do
> authentication as a Kerberos client, but not finding guides on Kerberos
> server-side. I was wondering if you could point me towards any guides or
> examples on how to do this? I am attempting it in Rust, but a C example
> that I can convert to Rust works just as well. Any help is appreciated.

It's generally recommended to use GSSAPI these days for Kerberos.
https://github.com/elric1/gss-token has both client and server side
GSSAPI code that might help get you started.

--
Roland C. Dowdeswell https://Imrryr.ORG/

devel / comp.protocols.kerberos / Re: Kerberos Server Implementation

1
server_pubkey.txt

rocksolid light 0.9.81
clearnet tor