Hi Victor,
What does the squid log say when you use -d for the authentication
helper ?
Can you provide a wireshark capture from the client ? I guess that
2008 is using AES not RC4.
Markus
"Victor Sudakov" wrote in message
news:20160304162923.GB81514@xxxxxxxxxxxxxxxxxxxxxx...
L.P.H. van Belle wrote:
What is the output of
ktutil list
(of the squid keytab. )
I have already quoted it in the previous message, but I am happy to repeat:
/usr/local/etc/squid/squid.keytab:
Vno Type Principal
1 arcfour-hmac-md5 HTTP/proxy.sibptus.transneft.ru@xxxxxxxxxxxxxxxxxxxx
1 arcfour-hmac-md5 squiduser@xxxxxxxxxxxxxxxxxxxx
1 arcfour-hmac-md5 HTTP/proxy2.sibptus.ru@xxxxxxxxxxxxxxxxxxxx
1 arcfour-hmac-md5 HTTP/proxy2.SIBPTUS.ru@xxxxxxxxxxxxxxxxxxxx
1 arcfour-hmac-md5 HTTP/proxy2.sibptus.ru@xxxxxxxxxxx
[root@proxy2 local/etc/squid]
And you can try adding To krb5.conf
; for Windows 2008 with AES
As you can see, there is only one key with only one enctype for the
2008 realm. It is the very type that the ticket on Windows has. I can
consider adding some more keys to the squid keytab, but I'm afraid the
problem is eisewhere.
--
Victor Sudakov, VAS4-RIPE, VAS47-RIPN
sip:sudakov@xxxxxxxxxxxxxxxx
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@xxxxxxxxxxxxxxxxxxxxx
http://lists.squid-cache.org/listinfo/squid-users
