I've got a problem trying to auth with an MIT KDC on Linux from a windows MIT Kerberos client (1.2.2, although I could probably upgrade to 1.2.4 if required). The error I'm getting appears to imply clock skew, but the machines are synchronised with each other using NTP, and are on the same timezone. Sniffing the packets with ethereal reveals the same time on packets in both directions.
Sep 28 12:27:15 sisko krb5kdc[21145]: preauth (timestamp) verify failure: No matching key in entry Sep 28 12:27:15 sisko krb5kdc[21145]: AS_REQ (3 etypes {16 1 3}) 192.168.2.251(88): PREAUTH_FAILED: [EMAIL PROTECTED] for [EMAIL PROTECTED], Preauthentication failed Is there a way of increasing the verbosity of the logging, for example to print out both timestamps, or a more meaningful error? Tony ________________________________________________ Kerberos mailing list [EMAIL PROTECTED] http://mailman.mit.edu/mailman/listinfo/kerberos