Category Archives: Cisco

Kerberos und IOS

Cisco IOS 12.2 Configuring Kerberos
Cisco IOS 12.4 Configuring Kerberos
Cisco IOS 12.4T Configuring Kerberos

moria# kadmin.local -q ‘addprinc -randkey host/ws-c2940-8tt-s.patrick-preuss.de’
moria# kadmin.local -q ‘ktadd -e DES-CBC-CRC:NORMAL -k /var/www/ios.keytab host/ws-c2940-8tt-s.patrick-preuss.de@PATRICK-PREUSS.DE’

Cisco IOS 121-22.EA11
aaa authentication login default krb5-telnet local krb5
aaa authentication login console-override local
aaa authorization exec default local krb5-instance
kerberos local-realm PATRICK-PREUSS.DE
kerberos srvtab entry host/ws-c2940-8tt-s.patrick-preuss.de@PATRICK-PREUSS.DE 1 1224540392 3 1 8 0<=?;79;5:>>:
kerberos realm patrick-preuss.de PATRICK-PREUSS.DE
kerberos realm .patrick-preuss.de PATRICK-PREUSS.DE
kerberos server PATRICK-PREUSS.DE 10.0.12.32
kerberos instance map admin 15
kerberos credentials forward
— cisco —

Cisco IOS 124-15.T5
aaa authentication login default krb5-telnet krb5 local
aaa authentication login console-override local
! Seams so 12.4 15 T 5 some bugs in kerberos code
! we should do some research in this point
! aaa authorization exec default local krb5-instance
kerberos local-realm PATRICK-PREUSS.DE
kerberos srvtab entry host/cisco1721.patrick-preuss.de@PATRICK-PREUSS.DE 1 1224539305 3 1 8 05>9898=?83
kerberos realm patrick-preuss.de PATRICK-PREUSS.DE
kerberos realm .patrick-preuss.de PATRICK-PREUSS.DE
kerberos server PATRICK-PREUSS.DE 10.0.12.32
kerberos instance map admin 15
kerberos credentials forward
— cisco —