Connecting to the host

The service decrypts the host ticket using it’s secret key which it has stored in a secure file on the local filesystem. This gives it a copy of the new session key, KS2, which is part of the ticket.

It then uses the new session key to decrypt the Authenticator, authenticating the client.

The service decrypts the host ticket using it’s secret key which it has stored in a secure file on the local filesystem. This gives it a copy of the new session key, KS2, which is part of the ticket.