#263 Validate tgt with host keytab
Closed: Fixed None Opened 14 years ago by sbose.

To be able to detect man-in-the-middle attacks the tgt should be validated where possible


Massaging the milestone and version fields a bit.

milestone: SSSD Deferred => SSSD 1.0 RC
version: SSSD 1.0 RC => master

Fixed in 9c49fb9

fixedin: => 1.0.0rc
resolution: => fixed
status: new => closed
tests: 0 => 1

Please add more information about what was done and end user use case for this ticket. I need to know how to test this. Thanks!

manual test written.

tests: 1 => 0
testsupdated: 0 => 1

The validation is done automatically by the IPA provider. So if you test authentication with IPA validation is tested, too.

For other environments you have to create a keytab file for your test machine. If you do not store the keytab in /etc/krb5.conf on the test client you have to use the 'krb5_keytab' option.

Fields changed

rhbz: => 0

Metadata Update from @sbose:
- Issue assigned to sbose
- Issue set to the milestone: SSSD 1.0 RC

7 years ago

SSSD is moving from Pagure to Github. This means that new issues and pull requests
will be accepted only in SSSD's github repository.

This issue has been cloned to Github and is available here:
- https://github.com/SSSD/sssd/issues/1305

If you want to receive further updates on the issue, please navigate to the github issue
and click on subscribe button.

Thank you for understanding. We apologize for all inconvenience.

Login to comment on this ticket.

Metadata