How does the user principal know the service

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

How does the user principal know the service

ZongtianHou
Hi, everyone:
I am a bit confused of the auth process of kerberos. The user principal request the AS for a tgt, then use send the tgt to the TGS to get a ticket. The ticket was encrypted by the service principal key, But how does the TGS know which service principal the user want to access, how the TGS decide use which service principal key to encrypt the ticket so that the ticket can be decrypted by the server? Can someone give me some clue?
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos
Reply | Threaded
Open this post in threaded view
|

Re: How does the user principal know the service

Chris Hecker
You ask for a ticket for a specific service in the request.

Chris

On Sat, Jun 23, 2018 at 14:02 ZongtianHou <[hidden email]> wrote:

> Hi, everyone:
> I am a bit confused of the auth process of kerberos. The user principal
> request the AS for a tgt, then use send the tgt to the TGS to get a ticket.
> The ticket was encrypted by the service principal key, But how does the TGS
> know which service principal the user want to access, how the TGS decide
> use which service principal key to encrypt the ticket so that the ticket
> can be decrypted by the server? Can someone give me some clue?
> ________________________________________________
> Kerberos mailing list           [hidden email]
> https://mailman.mit.edu/mailman/listinfo/kerberos
>
________________________________________________
Kerberos mailing list           [hidden email]
https://mailman.mit.edu/mailman/listinfo/kerberos