Heimdal 7.3: ext_keytab fails with "Operation requires `get-keys' privilege"

Fredrik Pettai pettai at sunet.se
Wed Jun 28 21:21:10 CEST 2017

On 28 Jun 2017, at 17:48, Jeffrey Altman <jaltman at secure-endpoints.com> wrote:
> On 6/28/2017 1:17 AM, Russ Allbery wrote:
>> Nico Williams <nico at cryptonector.com> writes:
>>> We do need better key mgmt support though.  It'd nice to have automatic
>>> rekeying and expunging of keys too old to be needed for decrypting
>>> extant live tickets.
>> Yes, please, or I will inflict my hideous shell script on you that does
>> this (using wallet).
> I would be interested in hearing from the participants of this list
> whether or not it would be appropriate to ship some of the Secure
> Endpoints open source kerberos tooling as part of Heimdal:
> http://oskt.secure-endpoints.com/
> In particular, Roland's krb5_admin, krb5_keytab, and the C variant of KNC.

I’d like to see k5ping added to that list too :)  


More information about the Heimdal-discuss mailing list