help-gsasl
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: help with gssapi smtp auth

From: Simon Josefsson
Subject: Re: help with gssapi smtp auth
Date: Thu, 15 Dec 2005 10:40:31 +0100
User-agent: Gnus/5.110004 (No Gnus v0.4) Emacs/22.0.50 (gnu/linux) 
"Umapati Singh" <address@hidden> writes:

> Hi all,
>  
> I am trying to obtain STMP AUTH using the gssapi mechanism.  Can anyone
> please provide me with a sample/screesnshot for  a gssapi session so that
> i could know what messages and in what order do they need to be passed.

Hi!  Below is the output from GNU SASL connecting to a SMTP server,
upgrading the connection to TLS (using GnuTLS) and authenticating
using the Kerberos V5 implementation in GNU Shishi via GNU GSS.  I
think the SMTP server is Sendmail linked to Heimdal.

Other GSS-API implementations, such as MIT Kerberos, Heimdal or Sun's,
should work too.

Hope this helps,
Simon

PS.  The 'libshishi' warning below is because the server is using
buggy Kerberos V5 libraries.

address@hidden:~$ gsasl --smtp smtp.nada.kth.se
Trying `smtp.nada.kth.se'...
220 smtp.nada.kth.se ESMTP Sendmail 8.12.11/8.12.11; Thu, 15 Dec 2005 10:35:07 
+0100 (MET)
EHLO [127.0.0.1]
250-smtp.nada.kth.se Hello h14n1c1o1033.bredband.skanova.com [81.225.104.14], 
pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-AUTH GSSAPI
250-STARTTLS
250-DELIVERBY
250 HELP
STARTTLS
220 2.0.0 Ready to start TLS
EHLO [127.0.0.1]
250-smtp.nada.kth.se Hello h14n1c1o1033.bredband.skanova.com [81.225.104.14], 
pleased to meet you
250-ENHANCEDSTATUSCODES
250-PIPELINING
250-8BITMIME
250-SIZE
250-DSN
250-AUTH GSSAPI PLAIN
250-DELIVERBY
250 HELP
AUTH GSSAPI
334
libshishi: warning: KDC bug: Reply encrypted using wrong key.
YIICEQYJKoZIhvcSAQICAQBuggIAMIIB/KADAgEFoQMCAQ6iBwMFACAAAACjggETYYIBDzCCAQugAwIBBaENGwtOQURBLktUSC5TRaIjMCGgAwIBAaEaMBgbBHNtdHAbEHNtdHAubmFkYS5rdGguc2Wjgc8wgcygAwIBEKEDAgEJooG/BIG8msq2xygko4Lv0Agu5pW6SEundUbFK5swuopukvx9kTidWULb/Ab490wQbtnKx3lmM3BFvNFvuUyD3zvh9PHggwz7T7eZYSCDaovIL/QZ0ismF3lZejZBSwBhgLDADQuk4nZHbbeoU9Lk+1jzsMJguNh6Ot3G6o8WLqFZoe8pi3NuxzSdjutjg3O9s/fasuSB9T85bq6oIMWGr5HHRNBNUF4x11tK3ytpsVoMNpKng3d4bY8tLgnxxLCmREakgc8wgcygAwIBEKEDAgEBooG/BIG8SPCDQwKGzJfZGg+MgqQquBiGBXA2uy/08gPE19vuTBP7XyL2H4EaVqtl71MeVxExbat/CNAK3dMXkNqR6VHxZqb+ky8MYMDo452Z1sN6BfIsKcsy2BcYTwFJMtgdn21vTWVHtMPH3wtXPuPFGn3jigjsXiAyytXi1Y4p4Tni+ox5ndlZuqBJGeThVxyZIpCEI+5rWflxDIYVa/8CAcRUPQqoDpQIs5zkwfoPQtTdfRLdph5VxQ79N9PnvnQ=
334 
YGwGCSqGSIb3EgECAgIAb10wW6ADAgEFoQMCAQ+iTzBNoAMCARCiRgRE2FBXYUbT0MVIicgLYE/FKy6CcrvfQxZaoxyt05qqxJBL13kqneza/TKe5i0mjsN0Nc90KW/l4rL0eQ76vWMenaE1Lw8=

334 
YD8GCSqGSIb3EgECAgIBBAD/////IGqNk7Rz3+kPdzT9oYPRWnQi/ESL0p3EeQ2yNLWArrmdOzxpBwAgAAQEBAQ=
Using system username `jas' as authentication identity.
YD8GCSqGSIb3EgECAgIBBAD/////JhNtx+GhzYe54NY92BltbUHD6i02upmatfXUnIGrBR5vT5yuAQAgAGphcwE=
235 2.0.0 OK Authenticated
Client authentication finished (server trusted)...
Enter application data (EOF to finish):
quit
221 2.0.0 smtp.nada.kth.se closing connection
Session finished...
QUIT
address@hidden:~$
reply via email to
[Prev in Thread] Current Thread [Next in Thread]